PRODUCT · SECOPS PLATFORM

IRIS

The AI-native SecOps platform. IRIS unifies detection, response and proactive threat hunting at scale — with AI doing the heavy lifting instead of a room full of analysts, so a small team gets the reach of a much larger SOC.

AI-NATIVE THREAT HUNTING LIVE UEBA SINGLE TIER
DetectionResponse Threat huntingUEBA
WHAT YOU GET

One console — from raw events to closed cases

IRIS watches your environment end to end: it ingests events from the sources you already run, surfaces what actually matters, and drives response from a single pane.

AI triage & correlation

Incoming events are scored, de-duplicated and correlated automatically — analysts open cases instead of wading through raw alerts.

Guided response

Every case arrives with context, an event timeline and recommended next actions — investigation and containment in the same console.

Proactive hunting

Run AI-assisted hunts across historical and live telemetry to uncover activity that never tripped a rule — find what passive detection misses.

Behavioral analytics (UEBA)

Live UEBA learns a normal baseline per user and entity and raises deviations the moment they occur, feeding straight into triage.

Continuous detection

Round-the-clock monitoring across your connected sources, with AI triage that cuts noise and elevates the signals that need a human.

Single pane of glass

Detection, response, hunting and behavioral analytics live in one platform — no stitching together a shelf of point tools.

FROM ZERO TO DETECTIONS

Live in a few steps

An IRIS install goes from first launch to live, prioritized detections fast — no shipped default credentials to rotate.

  1. Open the appThe first sign-in provisions your administrator account — nothing to rotate.
  2. ActivateThe gate starts your 14-day trial (up to 5 sources) and reveals the install's build number once.
  3. Connect a sourcePoint IRIS at your first data source and let it begin ingesting events.
  4. Watch detections landAI triage surfaces prioritized signals as events flow in — then tune and expand.
LICENSING MADE SIMPLE

One tier. You only dial the source count.

IRIS ships as a single PRO tier — no confusing editions to compare. The only dial is the number of sources you connect, so you scale the license to your environment and nothing else. Changes apply at the install's next heartbeat.

14-day trial Up to 5 sources on trial Single PRO tier Source-count based Yearly or perpetual Adjust anytime
WHY IRIS

The reach of a larger SOC, without the headcount

AI-native by design — triage, correlation and hunting are handled by models rather than manual rule-wrangling.

MEETS YOUR STACK WHERE IT IS

Ingests the sources you already run

IRIS pulls from the security and identity sources you already operate — cloud and endpoint telemetry and device-management signals among them. New connectors are added regularly; need one that isn't covered yet? Just ask.

Cloud & SIEM telemetry Endpoint / EDR Identity & access Device management (MDM) + New connectors regularly
More on data sources →

Give a small team the reach of a full SOC

Talk to the Hexarion team about an IRIS rollout or a guided proof of value — or dive straight into the documentation.