Advanced Threat Intelligence
Know every threat.
Before it becomes a breach.
Nereus Pulse monitors your Windows infrastructure and Azure Entra ID environment in real time. A multi-signal anomaly detection engine scores every event and surfaces prioritised alerts — so your team hunts threats, not logs.
Platform Capabilities
Everything your SOC needs.
Purpose-built for Windows-centric on-premise environments and Azure Entra ID. No agents to babysit. No alert storms to wade through.
Intelligent Anomaly Detection
Every event is scored across multiple independent signals — time-of-day deviation, source host reputation, privilege escalation patterns, lateral movement indicators, and more. Risk scores are calculated in milliseconds, not minutes.
Windows Event Deep Coverage
Native collection from DC Security logs, Terminal Services, WMI Activity, Task Scheduler, and System logs via a lightweight Windows Service agent. No WEF configuration required.
Azure Entra ID Integration
Sign-in logs and identity events pulled via Microsoft Graph API using Client Credentials OAuth2. Impossible travel, MFA bypass attempts, and risky sign-ins are automatically correlated with on-prem events.
Threat Rule Engine
Built-in rules covering 500+ Windows Event IDs. Define custom rules with pattern matching on any event field. Rules integrate directly into the scoring pipeline and can elevate alert severity on match.
Multi-Tenant Architecture
Full company isolation at every data-access layer. Each organisation gets its own scoped view, billing tier, detection settings, API keys, and team. Operators manage all tenants from a single owner console.
Full REST API
Every action available in the UI is exposed via a versioned REST API with JWT Bearer and API Key authentication. SIEM, SOAR, and ticketing integrations are a webhook away. Interactive Swagger docs included.
How It Works
From raw event to actionable intelligence.
Four stages, sub-second end-to-end. Your team sees what matters.
Deploy the Agent
A lightweight .NET Framework Windows Service is compiled per-tenant, pre-configured with your server URL and credentials, and bundled into a signed installer — downloaded in one click from the portal.
Collect & Ingest
The agent streams events from domain controllers and workstations. You can also connect Nereus Pulse directly to your EDR and Azure tenant — endpoint detections and Entra ID sign-in logs are pulled via incremental API and Microsoft Graph sync. All telemetry lands in Nereus within seconds.
Score Every Event
The scoring engine evaluates each event against a live behavioural baseline — time, frequency, privilege, network, identity, and threat rule signals — and assigns a severity from Low to Critical.
Alert & Respond
Risk-scored alerts surface in the live dashboard and REST API instantly. Analysts acknowledge, investigate, close, annotate, and share alerts — with a full audit trail and configurable email notifications.
In the age before memory, the Greeks called him Nereus — the Old Man of the Sea. Not a god of storms or conquest, but of truth. He alone among the immortals could not deceive. He saw what was coming before it arrived, and spoke it plainly to those wise enough to ask. The sailors who sought his counsel did not receive comfort — they received clarity.
That is the name we carry. Every pulse is a whisper from the deep — a signal detected, scored, and converted into a warning before the wave breaks. Not noise. Not conjecture. Foresight, delivered as an alert.
Get Started
Ready when your threats are.
Sign in to the Nereus Pulse portal to deploy agents, tune detection, and watch risk-scored alerts land in real time.
Open the Portal →