Automated Threat Detection with YARA
ASTRAEA Sentinel generates YARA rules from malware samples to protect your infrastructure. Built for CTI teams, SOC analysts, and malware researchers.
Our platform allows seamless integration with your security infrastructure, providing real-time updates and custom rules tailored to your environment. Join hundreds of security teams who trust Astraea Sentinel.
Dashboard
600K
Total alerts
5.2K
Active alerts
Alerts over time
Top alerts
Rule | Group | Count |
---|---|---|
Malicious code | malware | 523 |
Docker | docker | 478 |
CIS distribution | policy | 321 |
Administrator group modified | pam | 217 |
Active alerts
125
Agents
245
Alerts
Last events
Easily adapt CTI detection to your infrastructure
ASTRAEA Sentinel is designed to fit your unique cybersecurity environment – on-premise or hybrid, Linux or Windows, SOC or research lab.
Customize your rules
Choose your own detection logic based on:
- Specific malware families (Emotet, Redline...)
- File types (DLL, EXE, Office macros...)
- Behavioral patterns (network, SMB, ransomware, etc.)
Choose your deployment method
Support for:
- Puppet-based rule distribution (Linux/Windows)
- Offline or VPN-only deployments
- Dockerized Wazuh integration
- Active-response or scheduled scans
Simple, transparent pricing
Choose the plan that best fits your needs. All plans include access to our CTI rule generation platform.
Freemium
Discover our services
- Access to WannaCry rule only
- Self-hosted deployment
- GitHub repository access
- Community support
Premium
For security professionals
- Access to all CTI rules
- 100 monthly credits
- Up to 5 users
- Priority support
- Complete generation history
- Real-time rule updates
Enterprise
For large organizations
- Access to all CTI rules
- Unlimited credits
- Unlimited users
- 24/7 dedicated support
- Dedicated API
- Custom integration
- Team training
Frequently Asked Questions
Have questions about Astraea Sentinel? Check our answers to the most frequently asked questions.