Data Theorem and AlphaSOC Partner to Offer Industry-First Cloud Extended Detection and Response Combined with Cloud Infrastructure Entitlement Management

New Combination of Cloud XDR and CIEM Capability Enables Organizations to Better Understand and Protect Attack Surfaces of Their Cloud-Native Applications

PALO ALTO, Calif. & SAN FRANCISCO–(BUSINESS WIRE)–#APISecurity–Data Theorem, Inc., a leading provider of modern application security, and AlphaSOC, Inc., the Security Analytics Company, today announced their new partnership to deliver industry-first cloud extended detection and response (XDR) with cloud infrastructure entitlement management (CIEM) features to address customer challenges around attack surface management of their cloud-native applications.

This partnership introduces industry-first combined Cloud XDR and CIEM for proactive attack surface management delivered in a leading CNAPP solution. This new combination uniquely enables organizations to protect against data exfiltration and command-and-control channels within their public and hybrid cloud environments.

“We have been working together with AlphaSOC for over a year and are excited to announce our formal partnership to deliver an industry-first attack surface management capability that combines our Cloud XDR Hacker Toolkit with their integrated CIEM functionality,” said Doug Dooley, Chief Operations Officer at Data Theorem. “This new combined offering helps customers accurately identify data exfiltration threats and limit cloud entitlement policies that attackers take advantage of to extract sensitive data. Uniquely enforcing least-privilege access control for embedded cloud services ultimately helps organizations realize additional benefits of their cloud-native application protection platforms (CNAPP).”

Traditional security tools not developed for cloud services continue to leave gaps in coverage for IT security teams. As a result of this partnership, Data Theorem’s Cloud XDR Hacker Toolkit now has advanced network-based detection insights to uncover exploited cloud resources and highlight users, groups, and policies impacted by exfiltration breaches. Customers can now conduct network threat detection analysis of potential data exfiltration breaches and limit the impact on their users, groups, and overall cloud infrastructure.

“This partnership builds on the expanding relationship and market opportunity of working together, and teaming with Data Theorem greatly expands the reach of AlphaSOC,” said Chris McNab, CEO and co-founder, AlphaSOC. “This combined solution delivers a real competitive advantage in the application security testing (AST) and CNAPP markets. As a result, customers will be able to better understand and protect the attack surfaces of their cloud-native applications.”

The AlphaSOC Analytics Engine (AE) performs deep processing of network flow, DNS query logs, and activity logs within cloud environments and escalates findings via cloud-native services – including Amazon Web Services EventBridge, Microsoft Azure Sentinel, and Google Cloud Platform Pub/Sub – to support threat hunting and security operations teams. It is a next-generation NTA product that identifies emerging threats, automates remediation responses, and solves the “patient zero” problem through prevalence scoring and active analysis. Patient zero refers to the idea that the first victim of an attack has no idea they are compromised because their tools rely on threat intelligence of known attacks. Leveraging its patented processing stack to uncover emerging threats without relying on threat intelligence or stale indicator lists, AlphaSOC’s accuracy and reliability are setting new security standards for malicious activity detection.

Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine, which leverages a new type of dynamic and runtime analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation. Data Theorem is one of the first vendors to provide a full stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.

Pricing and Availability

Data Theorem’s Cloud XDR with CIEM is available today as part of Cloud Secure Enterprise Edition. Pricing starts at $15,000 USD annually. For more information, see

About AlphaSOC

Trusted by hundreds of enterprise customers to monitor diverse environments for signs of compromise and unauthorized data exfiltration, AlphaSOC is a leading provider of surveillance analytics tools. Since 2016, AlphaSOC has processed over 3 trillion events from over 500 enterprise organizations, providing unparalleled coverage of emerging threats and anomalies. The company is headquartered in San Francisco with offices in Las Vegas, London, and Wrocław, Poland. For more information visit

About Data Theorem

Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security of cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs in web, mobile, and cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world. Data Theorem is headquartered in Palo Alto, Calif., with offices in New York and Paris. For more information visit

Data Theorem and TrustKit are trademarks of Data Theorem, Inc. All other trademarks are the property of their respective owners.


Dan Spalding
(408) 960-9297

error: Content is protected !!