XEDR
Per-host detail with one-click isolation, malware scans, autoruns inspection, and a process tree that survives reboots.
The Datatrek platform is where every signal converges — endpoints, network metadata, logs, vulnerabilities, backups, and identity events. One login for your team, one interface for our analysts, and a clear audit trail for your compliance.
Every screen of the platform is shaped by what the NightWatch team needs — fast filters and navigation, alert lists, and consistent info from our services.
Search across years of logs in seconds. Save queries as detections. Correlations show provenance — every match links back to the underlying event.
Topology map with port-drift highlights and persistence audits. Click any node to see who's logged in and what's running.
Severity-bucketed list with one-click patch dispatch. Scan history shows what was found, fixed, and verified — every cycle.
Restore single files or full snapshots. Folder Share with time-limited links. Object lock holds — visible and configurable.
Role-based access tied to organizations and accounts. Granular permissions per user.
TOTP and hardware security keys for every user.
Every action recorded with actor, target, and timestamp. Exportable on demand.
Customer data hosted on EU infrastructure. Operations, support, and invoicing all in Europe.
NightWatch operates every service below, 24/7. Mix and match based on your environment — all are NIS2-aligned and designed to work stronger together.
24/7 monitored dual-stack EDR with threat hunting. Two independent teams, two technologies — defense-in-depth for your critical endpoints.
Cloud-native SIEM with 5-month log retention and ML detections. Every event correlated and searchable in seconds.
Network behaviour analysis with 1000+ MITRE-mapped rules. Content filtering and DNS protection across every device.
Immutable, versioned, replicated cloud backup with full S3 API compatibility. Encrypted and ransomware-resistant.
Extended endpoint protection: ransomware shields, memory threat detection, and USB device control — for broader endpoint coverage.
Continuous CVE/NVD scans across your estate with one-click patch dispatch. Severity-bucketed findings, full audit trail — NIS2-aligned.
Identity threat detection for M365 and Google Workspace — catches session hijacking, privilege escalation, and leaked-credential alerts.
NIS2-aligned training topics with user certifications. Turns your team into the last line of defense.
Managed 1Password — end-to-end encrypted vault with vault-scoped sharing and Watchtower alerts for weak, reused, or breach-exposed credentials.
Public read-only dashboards with sample data — explore the same UI our SOC team uses every shift.
Explore the dual-EDR console — host isolation, process trees, and autoruns inspection.
Browse the network topology map with port drift and lateral movement detection.
Search across sample logs, saved queries, and alert correlations.
Review severity-bucketed CVE findings and patch dispatch in one view.
Inspect snapshot history, object lock status, and folder share links.
Next step
We can spin up a demo tenant with synthetic events that match your environment shape — usually within 48 hours.