Skip to main content
SANDWORMSECURITY
Docs

Documentation.

Get started with any Sandworm product. Guides, API references, and integration walkthroughs for every product in the platform.

CNAPP

CloudGuard

Cloud-native application protection across AWS, Azure, and GCP.

View docs →
SIEM

Sandworm SIEM

Security information and event management with real-time correlation.

View docs →
NGFW

Stillsuit

Packet filter · stateful · NGFW · WAF · IPS — one engine

View docs →
EDR

Sandworm EDR

Cross-platform endpoint detection and response.

View docs →
SASE

Sandworm SASE

Secure access service edge — ZTNA, SWG, CASB, DLP, FWaaS, and RBI in one fabric.

View docs →
Anti-Social-Engineering

Truthsayer

Anti-social-engineering across email, OAuth, lookalike domains, MFA-bombing, and the help desk.

View docs →
Breach & Attack Simulation

Sandworm BAS

Breach & attack simulation and purple teaming that finds your detection gaps.

View docs →
Supply Chain / SCA

Sandworm SCA

Software supply-chain security — SBOMs, CVE triage, and build provenance.

View docs →
AI / LLM Security

Sandworm AI Security

AI and LLM security — prompt/output scanning, jailbreak defense, and an agent firewall.

View docs →
Threat Intelligence

Sight

Threat intelligence with dark-web, brand, and sandbox coverage.

View docs →
SOAR

Elm

Security orchestration, automation, and response — cases, war room, evidence vault, playbooks.

View docs →