About Detect

Continuous security testing at scale

Detect is a continuous security testing service that allows you to ask questions of your infrastructure - at tremendous scale - and get answers that fuel decisions.

The internal Prelude security team regularly publishes tests for Detect. These tests are designed to assess the security posture of endpoints dynamically and across multiple vectors, from vulnerability exposure to configuration management. The tests are loaded into Detect, and you can enable or disable them across your environment.

Why

Security testing has long been reserved for low-scale development environments. The results are typically extrapolated to the infrastructure as a whole. The decisions that follow are made with partial information.

Detect is a production-first service that runs real security tests across any device - laptop, server or otherwise - and provides input into questions like:

  • Will my controls protect me against the latest CVE?
  • How would we respond to the latest CISA alert?
  • How many of our devices have our private key on them?

Where

Detect is intended to run anywhere code runs. It is a low-install, fully autonomous process that has been tested across macOS, Linux and Windows (other systems coming). Detect is also safe - and recommended - for production use.

How

Deploy lightweight "probes" across your infrastructure, starting with your development environments and moving into production once comfortable. Probes can be provisioned in multiple ways, each designed to be low friction.

When

Detect probes are open-source, so you can start by reading the source code today. You don't need to plan for a full-fledged, scaled deployment to get started. Start by deploying a single probe and add more over time to understand your overall security posture.