Store, verify, and retain SIEM logs securely.

Security-first vault for SIEM and security telemetry: encryption in transit & at rest, immutability windows, integrity receipts, and policy-based retention.

Request early access See features

TLS 1.2+ Object immutability Integrity receipts S3/syslog ingest

curl -X POST https://api.example.com/ingest \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" \ --data '{ "source":"siem", "ts":"2025-08-19T16:20:00Z", "bytes": 2048 }'

Example: send event metadata to the vault. Replace api.example.com with your domain.

Trusted by security teams at

Why teams choose our vault

End-to-end encryption

TLS in transit and envelope encryption at rest. Keys scoped by tenant; BYO-KMS on the roadmap.

Immutability windows

Optional WORM retention to help meet audit requirements. Time-locked writes prevent tampering.

Integrity receipts

Per-batch verification digests so you can prove logs weren’t altered.

Flexible ingest

S3-compatible API, syslog over TLS, and agent-based forwarding.

Fast search

Index the metadata you care about. Keep raw data cold, resurface instantly.

Controls & alerts

Retention policies, size alerts, and anomaly flags for drops or spikes.

How it works

Point your sources. Send streams from your SIEM, EDR, firewalls, and apps over TLS.
We encrypt & retain. Data lands in immutable, encrypted storage with policy-based retention.
Verify on demand. Use integrity receipts to confirm nothing changed.

FAQ

Do you store raw logs or only metadata?: We store raw logs with optional metadata indexing for fast filtering. You control retention and immutability windows.
How do we ingest?: Use our S3-compatible endpoint, syslog over TLS, or an agent. We’ll provide examples for popular platforms.
Can we bring our own keys?: We support tenant-scoped keys today and BYO-KMS is planned. Contact us for details.