Skip to content

PRODUCTS

Secopx Agent - EDR & IPS for Linux Servers & Android devices - Planned Release date - April 2026

The Secopx Sensor a.k.a Intrusense sensor is the culmination of more than 5 years of constant work, planning & design.

The sensor acts as a E.D.R-IPS for Linux endpoints with antivirus capabilities, specifically designed for web servers in mind but working virtually on any Linux machine and comes also with  a graphic U.I for desktop computers and  protects the machine in real time from webshells, ransomeware, trojans, crypto coin miners and reports about general attacks.

When a “malicious” file is uploaded to one of the servers pre-defined folder, the sensor will remove the infected file upon detection into the “quarantine” folder.

Please read the readme.md file BEFORE using the sensor and also make a full BACKUP of your /var/www/html folder and make sure to read our T.O.S BEFORE using the sensor.

Technical Specifications of the Sensor for Linux – 

Supported OS : Debain 9, 10,11,12,13 – Ubuntu 16, 18, 20,22 – Centos 7, 8
License Type: Multi-license, Our code is GPL3, please see the “LICENSE-AND-CREDITS.txt” file 
Sensor size : approx 20 Mb
Connection typeOutbound ONLY  (no incoming traffic whatsoever)
Malware Analysis – by Yara & our custom engine
Dependency list – please see the readme.md file 
Prevention mechanism – the sensor scans for webserver content (/var/www/thml/ – configurable) and removes malicious files to the quarantine folder, see the readme.md file for more information, also, depends on configuration, the product can also block network connections etc via eBPF/firewall configuration, the sensor also scans for system-wide anomalies and security issues.


System Requirements – 1GB of ram and 1 V-CPU.

The Sensor has been tested on every possible cloud environment and will run smoothly on any basic VPS.

Coding Languages – C, Python, Perl, Bash.

Running Environment – cloud or local, running on the server itself with the root permission.

“Vulnerable Software Predictor” – the sensor will alert you when a suspected vulnerable PHP file or other obfuscated file are found active in the server ecosystem.

The Predictor will NOT send the file into the quarantine folder but will ONLY write to the log file about it.

Planned release date – we are waiting for Malmab approval and also other bureaucratic approvals, contact us for more info.

S.O.C/S.I.E.M as a service - Designed ONLY for our Sensor

For Enterprises, SMB's & Startups, up to 1000 servers per node.

S.O.C/S.I.E.M as a  service is a premium paid service, it costs $39 per month, per server and it is based on our open source GPL3 Linux based sensor. 

When you run the sensor itself with a license file, it will report to our Central Cloud S.O.C/S.I.E.M as a service, which you can access from: secopx.com/dashboard (or On-Prem in your network) 

Once you have installed the sensor on your machine, just login into our cloud, set up your SMS and email address, and BAM! You are immediately protected and alerted!

 

Designed specifically for  Servers and specifically for our Sensor

Already using a different S.O.C/S.I.E.M? No problem, Our software does not conflict with any other E.D.R or Sensor. 

Our product is an extra layer and is intended ONLY for servers, which means you can keep your traditional S.O.C\S.I.E.M and E.D.R. We only sync with our Sensor-I.P.S software. 

Let your old setup continue running! We do what noone else does, in a way noone else does  and we do not interact with other security solution on servers or network based. 

Technical Specifications : 

  • Incident management & response with “off-server” data retention of incidents 
  • SMS & EMAIL alerting in real time when a “security incident” occurs or the “risk level” is too high.
  • Helps you to comply with the P.C.I-D.S.S/I.S.O/H.I.P.P.A regulations.
  • Access to our professional team; “SEND TO SOC ANALYSIS” events you do not understand can be sent with a single click to our team (this is an extra premium service, 10$ per request) *optional service.
  •  Rich User Interface with cloud “off server” data retention
  • Restrict Access by IP address (up to 3) to your dashboard
  • DDOS – Get SMS/email and store “off server” data about attacks in case of DDOS attacks.
  • Fully responsive and mobile/Tablet tested interface
  • Customizable “Risk Level” according to your specific needs, set the risk level threshold according to your paranoia level.
  • Get Alerted when “Vulnerable Software Predictor finds a suspected vulnerable file in your webserver directory
  • Export Security log reports and other data to PDF.

Secopx For Android devices

The Secopx for Android devices – is a brand new and release plan is mid 2026. like all of the products of Secopx, it has not yet released to the public, been in in active development for more than 1.5 years, the app is running on NON-ROOTED devices, means it can run on any Android device from version 10 to version 16, the device is reporting to the server every 3 hours, you can see and deploy devices with a 3 minutes on boarding process. 

How our S.O.C/S.I.E.M as a service works?

S.O.C/S.I.E.M as "On Premise"

Just like the “S.O.C/S.I.E.M as a service” but on your local servers within your local network. “On Premise” means that all the information stays on your servers inside your internal network.

Let’s say you have a few webservers inside your Intra-network, Secopx will monitor and protect those machines for you both inside and outside your network.

All the data belongs to you. You set the data retention settings.


Contact sales today for a demo and a price quote!

+972 52 5326350 or email us to info@secopx.com

en_USEnglish
en_USEnglish