Angle is a Network detection and response (NDR) platform built for defenders and security teams.

It aggregates the unstructured data from the network, processes it into meaningful information, enables IT teams to establish a baseline that make their defense effective as they immediately can detect unknown threats and advanced adversaries.

The platform is built on the leading opensource framework and Suricata threat detection engine.

It provides visibility in the entire network, makes it possible to eliminate blind spots, reduce false positives, reduces the time to detect and identify threats in the network before it is too late.

Angle Diagram

Easy setup

Easily deploy our plug and play Derant Angle sensors either virtually or physically. The technology is non-intrusive, that collect the metadata inside the network by TAP or SPAN port to discover anomalies and stop attackers.

Advanced anomaly detection

No other cybersecurity tools makes it possible to build an as precise baseline of organizations infrastructure as we do. For our customers it means a faster detection time and quick response to unknown cyberthreats, including advanced adversaries.

Protecting ICS/OT

We understand how critical the industrial production environment is, which is also why our sensors are passive and don’t influence any performance with the result of avoiding loss of visibility and control. We are experts in protecting your critical assets by detecting known and unknown threats with a baseline for all their communication.

Incident response

With an Angle sensor acting as a Flight recorder on the entire IT and ICS/OT network, you can start the threat hunting easily and go back in time. As standard, it comes with 90 days of data retention.

Network intrusion detection

The platform comes with 28.500+ signatures based on the ET Open Ruleset. Angle monitors the traffic in the entire network, analyzes it for signatures matching known attacks and will raise an alarm. We have made it possible for our customers to expand with the ET Pro Ruleset.

Asset Visibility

An essential foundation of cybersecurity is having a detailed and up-to-date inventory of all devices in your network – many struggles with this fundamental challenge. Derant Angle will help you with this challenge as it informs you of what’s going on in your network and assembles an asset inventory.

How does Angle detect

All connections flow to Derant Angle and will be aggregated and modeled. The analysis will happen by different detection methods ensuring Derant Angle will detect suspicious activity in the network deviating from the baseline, matching the data with known malicious activity and inappropriate traffic in the network.

The platform generates an alarm when a threat is detected, and the traffic will continue to flow. To understand what the optimal response to unknown threats will be, they have to be analyzed.

Angle Diagram


Current pricing tables

Home Defender

Free for personal use

Up To 15 Devices*

*with a maximal data transfer of 200mb across all devices per week

Corp Defender

1.5€ pr. device pr. month

Pay as you grow*

*Contact sales for fixed price


Why defend alone when you can get help from experts?

Our service offerings provide you visibility and insight into your environments, identification of vulnerabilities and threats, and overall risk mitigation.

Compromise assessments

It finds even the most advanced hidden hackers who have circumvented your existing defence mechanisms. This gives you the certainty that your network and assets are truly uncompromised, and if not we will provide you with necessary documentation and recommendations to fix any breaches.

Incident response

Our experts perform all the necessary steps to detain, map the extent, and analyze consequences, removing the intruders from your network.

Angle Observer (Managed Network detection)

Our Managed detection service is an affordable method for you to protect your critical systems and business. Our security experts proactively detect unknown threats, eliminate blind spots, detect lateral movement, and respond to sophisticated adversaries in your infrastructure.

With Angle Observer we provide remote monitoring and proactive threat hunting in your environment, both IT or OT/ICS.

BlueTrainer (Free service)

BlueTrainer is Derant's CTF platform for training IT-security team and student teams. Our Capture the flag is built to educate and provide deep knowledge in defensive security. You will have the possibility to test your internal capabilities and profiencies to understand how capable you are at handling a potential incident. Our CTF is for everyone working with IT security.


Derant provides efficient network detection and response capabilities to detect and remove cyberthreats. Our customers obtain real-time visibility in their network, which supports them in detecting cyber-attacks before it is too late.

We have 15 years of experience in defending sensitive data and critical infrastructure. We recognize ourselves as world-class in-network detection of cyberthreats, which is also why enterprises and public utilities use our professional services.

With our team of experts and our network detection and response (NDR) platform, we ensure our customers can identify non-signature & unknown anomalies, suspicious patterns based on signatures and customized filters while using machine learning POWERED by human brains.


Click to read one of our interesting blog posts


Here you can find different resources to extend your knowledge about our platform.


We are coding, we do a lot of threat hunting, we analyze, we play CTFs - but we will always have time for a chat with you!

Platform Info

If you want to hear more about our Platform then click below:

Book a private tour


We would like to defend with you! You can always reach us on:

Report an incident

If your organization needs assistance, please contact us at:

+45 6177 7318