Modular SOC Platform.

Coming soon: Microsoft Sentinel connector for Cumulo NDR

Cumulo is our SOC platform, built and maintained in-house and used to deliver our SOC Services. We've designed Cumulo around the SOC Analyst to support their work in making your business and ours more secure by delivering our 24/7 Always On detect and respond capability.

Cumulo can act as a standalone Security Information and Event Management (SIEM) tool with automation capabilities, or work alongside other tools, such as Microsoft Sentinel, Splunk and IBM QRadar, to enrich the data received, improving the information available for analysis. Cumulo can take a range of data sources, including logs, network traffic and more, bringing all tools together to provide a single lens into your organisation. This allows Analysts to have a single point of truth for investigation and incident response, reducing time spent moving between technologies and putting all data related to a particular event in one place to enrich the analysis.


  • A centralised, all-in-one, analyst-focussed cyber defence platform
  • Full packet capture environment with IDS, including deep packet inspection
  • Automation and orchestration capabilities
  • SIEM, with log and event correlation
  • Transparent and open - used by both the SOC and the customer, with full access to data

Cloud Infrastructure

We can monitor all major cloud infrastructure platforms, covering a large range of tools and technologies within them. For some tools Cumulo has ‘2-way integrations’, allowing e2e and our customers to not only ingest logs and network traffic to monitor, but also interact with the tool from Cumulo, eliminating the need to work from multiple tools, with Cumulo being the single lens into your network.

Other Integrations

Cumulo integrates with a host of other tools to receive logs and network traffic in order to fully monitor everything from your SIEM to your firewalls and infrastructure hardware, from SaaS tools to devices and EDR products.

Below are lists of some of the integrations we currently have. This is not exhaustive: if the product you’re looking for isn’t on here, there’s a chance it already has an integration with Cumulo, is in progress now or can be integrated within weeks. Contact us if you’d like to enquire about one of your critical tools to improve your MDR and XDR capabilities.

In addition to monitoring the tools listed, Cumulo stores threat intelligence to improve business context and continuity and to shape specific playbooks and use cases for e2e and customers. We use a mixture of open and closed sources for our threat intelligence, as well as working with customers to run threat workshops to help identify and plan for known threats. On top of this, e2e also proactively look for zero-day exploits through our network monitoring.

Anything else?

The above is an ever-growing list. If what you are looking for isn’t here, it may already be in progress or we can integrate it for you - don’t hesitate to contact us for details.