About Detect

Continuous security testing at scale

Detect is a continuous security testing service that allows you to ask questions of your infrastructure - at tremendous scale - to understand your security posture at a glance.

Use Detect to validate that your endpoint defenses are working as expected.

It works like this:


Security testing has long been reserved for low-scale, development environments. The results are typically extrapolated to the infrastructure as a whole. The decisions that follow are made with partial information.

Detect is a production-first service that runs real - not emulated - security tests across any device - laptop, server or otherwise - and provides input into questions like:

  • Will my controls protect me against the latest CVE?
  • How would we respond to the latest CISA alert?
  • How many of our devices have our private key on them?


Detect is intended to run anywhere code runs. It is a low-install, fully autonomous process that has been tested across MacOS, Linux and Windows (more coming). Detect is also safe—and recommended—for production use.


Deploy lightweight "probes" across your infrastructure, starting with your development environments and moving into production. Probes can be provisioned in multiple ways, each designed to be low friction.

The internal Prelude security team regularly publishes tests for probes to run. These tests are designed to understand the surface area of endpoints, dynamically, and across multiple vectors from vulnerability exposure to configuration management.


Detect probes are open-source, so you can start by reading the source code today. You don't need to plan for a full-fledged, scaled deployment to get started. Deploy a single probe and add more over time to understand your overall security posture.

Detect is free to use at low volume (100 tests a day). Want a higher limit? Contact us at [email protected]