Cloud Deployment

Detect intrusions in your VPC. Deploy in seconds.

Name: Blacksight Protect Enterprise
Brand: Blacksight
Availability: InStock

Run Blacksight Protect natively on AWS, GCP, or Azure — no hardware to ship, no agents to install. One Helm command or Docker run, and you're catching attackers across your cloud network in seconds.

Blacksight Protect Cloud is a managed intrusion detection deployment for AWS, GCP, and Azure — deployed as a container via Helm, Docker, or serverless compute (Fargate, Cloud Run, ACI). Outbound-only HTTPS, least-privilege IAM, and 24/7 monitoring by our US-based Global Security Operations Center.

AWS / GCP / Azure Docker image Kubernetes Helm Outbound-only Deploy in seconds 24/7 US GSOC

Talk to Sales View Pricing

Free 30-day trial. No credit card required.

~/blacksight

$ helm repo add blacksight https://charts.blacksight.io

$ helm install protect blacksight/protect \

--set token=$BS_TOKEN \

--namespace security

✓ chart pulled (blacksight/[email protected])

✓ deployed in 47s

✓ connected to GSOC · Tennessee

✓ monitoring 24 nodes · 8 namespaces

› first decoy interaction in 3m 12s

! [CRITICAL] lateral-move attempt · 10.0.4.22 → db-prod-01:5432

Scroll to explore

Built for engineers who deploy at the command line.

Everything ships as code: signed container image, official Helm chart, ready-to-use Terraform and CloudFormation templates. No agents on endpoints, no inbound ports, no peering connections.

Multi-cloud native

Deploy on AWS, GCP, or Azure — same detection engine, same dashboard, same alerts. One subscription covers all three.

Docker image

Pre-built, signed image hardened to CIS benchmarks. Pull once, run anywhere — Fargate, ECS, Cloud Run, ACI, or any Docker host.

Kubernetes Helm chart

Official charts for EKS, GKE, AKS, and self-managed clusters. Rolling updates with zero detection-coverage gaps.

Serverless compute ready

Drop-in templates for Fargate, Cloud Run, and Azure Container Instances. No VMs to manage, no servers to patch.

Least-privilege IAM

Read-only access to flow logs and audit trails — VPC Flow Logs & CloudTrail on AWS, Cloud Audit Logs on GCP, NSG Flow Logs on Azure. We provide audit-ready Terraform modules for all three.

Outbound-only HTTPS

No inbound ports, no VPN tunnels, no peering. The container reaches us, never the other way around. Raw traffic never leaves your VPC.

EDR + SIEM integrations

Native integrations via webhook, syslog, and API with CrowdStrike, SentinelOne, Defender, Datadog, Splunk, and New Relic.

24/7 US-based GSOC

Every detection reviewed by our Tennessee Security Operations Center, included at no extra cost.

Zero-downtime updates

Rolling Helm updates with health checks. New version up before old version goes down — no monitoring gaps.

Cloud-native security posture

SOC 2 ready Outbound-only HTTPS Least-privilege IAM CIS-hardened image Signed images + SBOM GitOps friendly

Try it in your VPC for 30 days.

Free 30-day trial. No card required. Our team gets you set up within 24 hours.

Talk to Sales Need on-prem? See hardware