Next-Gen Cyber Defense Platform

Automated Inventory Management, Audits, and Incident Response

We Love Linux Distributions

The Tholian Cyber Defense Platform treats Linux and POSIX systems as first-class citizens, not as an afterthought.

Our unique approach cross-references all Linux distribution-specific security trackers and rates them based on confirmation bias, exploitability, confirmed working exploits in the wild, and their correct risk assessment ratings.

This approach guarantees that we don't have false positives, as all detected vulnerabilities are confirmed to be working and to be exploitable.

We support all major Linux distributions, including their (upstream) vulnerability and advisory feeds. All vulnerability feeds are integrated end-to-end with our Endpoint Agent.

Linux Distribution Support

| Distribution | Sources | Audits | Incidents | Mitigations |
|---|---|---|---|---|
| Alma Linux | security tracker | yes | yes | yes |
| Alpine Linux | security tracker | yes | yes | yes |
| Amazon Linux | security tracker | yes | yes | yes |
| Antergos | (same as upstream Arch Linux) | yes | yes | yes |
| Arch Linux | security tracker | yes | yes | yes |
| CBL Mariner | JSON feeds | yes | yes | yes |
| Debian GNU/Linux | security tracker | yes | yes | yes |
| Fedora Linux | (same as upstream RedHat Release) | yes | yes | yes |
| Gentoo Linux | security tracker | yes | yes | yes |
| Linux Mint | (same as upstream Ubuntu Release) | yes | yes | yes |
| Manjaro Linux | (same as upstream Arch Linux) | yes | yes | yes |
| OpenSUSE | OVAL feeds | yes | yes | yes |
| OpenWRT | advisory feed | yes | yes | yes |
| Oracle Linux | OVAL feeds | yes | yes | yes |
| VMWare PhotonOS | JSON feeds | yes | yes | yes |
| RedHat Enterprise Linux | OVAL feeds | yes | yes | yes |
| Rocky Linux | security tracker | yes | yes | yes |
| SUSE Enterprise Linux | OVAL feeds | yes | yes | yes |
| Trisquel GNU/Linux | (same as upstream Ubuntu Release) | yes | yes | yes |
| Ubuntu Linux | OVAL feeds | yes | yes | yes |

We Love BSD Distributions

Although BSD distributions come with a lot of limitations, such as lack of support for eBPF kernel modules, we still try to improve their support for Cyber Security software together with the communities.

There's an ongoing effort to improve BSD's upstream kernel support for mandatory features such as kernel hooks, procfs, and process analysis APIs.

BSD Distribution Support

| Distribution | Sources | Audits | Incidents | Mitigations |
|---|---|---|---|---|
| FreeBSD | VuXML feed | yes | partial [1] | yes [2] |
| NetBSD | custom feed | yes | partial [1] | yes [2] |
| OpenBSD | partial (no schema available) | yes | partial [1] | yes [2] |

[1] no eBPF process analysis, procfs and iptables fallback
[2] no eBPF firewalling, procfs and iptables fallback

We Love Source Code Audits

The Tholian Cyber Defense Platform also lets you audit code that is used in production. It doesn't matter whether your server uses a scripting language or a programming language. Our EDR agent supports analysis of both dynamically linked and statically linked binaries, as well as the following programming language metadata formats.

Programming Language Support

| Programming Language | Sources | Package Managers | Audits |
|---|---|---|---|
| C / C++ | GHSA, NVD | conan | partial [1] |
| C#, .NET | GHSA, NVD | nuget | partial [1] |
| Go | GHSA, NVD, GOVD | go vulncheck | yes |
| Java | GHSA, NVD | jcmd, maven | yes |
| node.js | GHSA, NVD | npm | yes |
| Perl | GHSA, NVD, CPANSA | cpan | yes |
| PHP | GHSA, NVD, FriendsOfPHP SA | composer, phar | yes |
| Python | GHSA, NVD, PYPA SA | pip | yes |
| Ruby | GHSA, NVD, RubySec | rubygems | yes |
| Rust | GHSA, NVD, RUSTSEC | cargo | yes |

[1] relies on static code analysis and dynamic binary analysis for symbol matching

We Love the Internet of Things

It doesn't matter whether it's a switch, a router, a printer, a scanner, a Wi-Fi access point or your smart home equipment that's in the network. Our Endpoint Agent supports ARP, Multicast DNS, UPnP and other protocols to discover and detect surrounding devices.

The Tholian Endpoint Agent goes even further than other tools on the market and actively communicates incidents and mitigations between machines in the same network cluster, so that neighboring machines can be warned and isolated before malware can spread via lateral movement.

  • Automatic detection of IoT devices
  • Automatic detection of network routes
  • Automatic isolation of infected devices
  • Automatic protection of attacked devices
  • Automatic communication of observations

We Love Inventory Management

  • Audit-Proof Inventory Management
  • Automated Software Management
  • Automated Vulnerability Management
  • Automated Network Monitoring
  • ISO 27001-ready Audit Reports

We believe in the advantage of a well-maintained asset inventory. In practice, maintaining an inventory is a tedious task, and inventories are hard to keep correct and up to date. Our Tholian Network platform automatically discovers machines in surrounding networks and adds them to the inventory autonomously.

Discovered machines are automatically available in the Network Map in Tholian Oversight, and can be used as quick installation targets and/or protected machines that contain high-risk network services.
