Full Stack Compliance
Certification at ludicrous speed
Sherlock Compliance Automation is the fastest way to build and certify regulated environments.
Everything is included…and we mean EVERYTHING.
AUTOMATION
The entire environment is built and configured automatically without human intervention.
CONTROLS
Audit-ready, preconfigured security controls: SIEM, AV, IDS/IPS, WAF, etc.
DOCUMENTATION
A complete library of audit-ready policy templates and compliance artifacts is included.
GUARDRAILS
24x7x365 human and automated monitoring to maintain both security and compliance.
SHERLOCK REVOLUTIONIZES COMPLIANCE
Imagine achieving PCI or FedRAMP compliance in the cloud in days, not months.
Imagine eliminating human error in setting up a compliant environment.
Then imagine dramatically lowering the cost of compliance.
That’s Sherlock Compliance Automation.
ACCURATE
The Sherlock Compliance Architectures are already built to PCI or FedRAMP standards. There is no guesswork, interpretations, or human-introduced variables. This is a level of accuracy and consistency that has never been possible before now.
FAST
In just hours, Sherlock can build out an entire compliant cloud environment that is pre-configured to meet rigorous compliance and security requirements. Sherlock can be ordered directly from the AWS Marketplace, removing procurement issues for instant availability.
EFFICIENT
With less time and money spent on people and controls, Sherlock Compliance Automation delivers lower TCO. The value is in our unique full stack solution – which includes templates, controls, configurations, and documents, with on-going support and customization.
SECURE: BY DEFAULT AND BY DESIGN
Sherlock CA fully embraces DevOps principles. The entire environment is code, and fully deployed in hours. Security and compliance are enforced and maintained by default and by design. For more information, check out our eBook, The Case for Security in the Cloud.
Sherlock Compliance Automation
Deployment in AWS
How Does Sherlock Compare?
Only Sherlock offers the full stack of tech and services you need to achieve rapid compliance
Managed | Managed | Value | Compliance |  |
|
|---|---|---|---|---|---|
|
|
|
|
||
|
|
|
|||
|
|
|
|
||
|
|
|
|||
|
|
|
|||
|
|
|
|
||
|
|
|
|||
|
|
|
Subscription Options (old)
Sherlock Compliance Automation
PCI
When you purchase SCA-PCI, you get full stack compliance:
1. Technology Stack
- PCI Architecture: VPC with firewall rules and access rights.
- Hosted Active Directory: populated with all required user accounts, rights, and policies
- PCI Controls:
- Trend Micro Deep Security Endpoint: provides endpoint malware scanning, as well as file integrity monitoring, IDS/IPS, log monitoring, and more
- Splunk SIEM: pre-configured to capture all log and event data. Also includes all necessary reports, dashboards, and alerts.
- SAINT: vulnerability management, pre-configured to scan the environment every week
- GitHub: secured code repository for your code
- Puppet Enterprise: configuration management of the environment
- Barracuda WAF: web application firewall pre-configured to pass PCI requirements
2. Documentation Stack
- Template Library: a library of PCI policies, procedures, and guidelines.
- Artifact Repository: secured S3 bucket populated with necessary artifacts
3. Support Stack
- Guardrails: preconfigured rules that monitor your environment for any non-compliant state and automatically revert it back to a compliant state
- Onboarding: Anitian’s team of QSAs and cloud security engineers will provide up to 90 days of assistance to get your environment up and running
- Support: After your on-boarding you have access to technical support through each vendor and Anitian
4. Managed Detection and Response Stack (Optional)
- Augment the PCI compliance process with 24x7 SOC monitoring and threat hunting. See below.
Sherlock Compliance Automation
Managed Detection and Response Service
How can you make PCI compliance in the cloud even easier? Add on our Sherlock Managed Detection and Response services. This provides round-the-clock monitoring, management, and support.
- 24x7x365 monitoring from our USA based SOC
- Active threat hunting
- Integrated threat intelligence (deployed to the SIEM)
- Management of all security components (SIEM, vulnerability scanner, etc.)
- Weekly status report via email
- Rapid Incident Response in the event of a serious security event
- Advanced Guardrails which provide additional monitoring of compliance requirements
Sherlock Compliance Automation
Professional services packages
Complete your PCI compliance process with professional services and QSA certification from Anitian.
ROC-pack
- QSA PCI Compliance Assessment
- Issue Report on Compliance (ROC)
- QSA signed Attestation of Compliance (AOC)
- QSA signed PCI compliance certificate
- QSA signed letter for your Acquirer
SAQ-pack
- QSA PCI Compliance Assessment
- QSA signed Self Assessment Questionnaire
.
.
.
.
Pentest-pack
- PCI network penetration test
- External PCI ASV scans
.
.
.
.
.
Subscription Options
Sherlock Compliance Automation
PCI and FedRAMP
When you purchase Sherlock Compliance Automation,
you get full stack compliance.
Roll over or tap each item to learn more.
1. Technology Stack
Cloud Architecture
VPCs and Networks 
Hosted Active Directory
Firewall Rules
Security Controls
TrendMicro Deep Security
Splunk SIEM
SAINT
GitHub
Puppet Enterprise
Barracuda WAF
Configurations
Everything pre-configured
Access controls and rights
Hardened Images
2. Documentation Stack
Template Library
Artifact Repository
3. Support Stack
Guardrails
Onboarding
Support
4. Managed Detection and Response Stack (Optional)
Round-the cloud monitoring and management of your environment. Includes active threat hunting and SIEM-integrated threat intelligence. See below.
Sherlock Compliance Automation for PCI is for sale on the AWS Marketplace.
For other purchasing options please contact Anitian.
Sherlock Compliance Automation is coming soon to the AWS Marketplace.
For other purchasing options please contact Anitian.
Sherlock Compliance Automation
Managed Detection and Response Service
How can you make compliance in the cloud even easier? Add on Sherlock Managed Detection and Response.
This provides round-the-clock monitoring, management, and support.
- 24x7x365 monitoring from our USA based SOC
- Active threat hunting
- Integrated threat intelligence (deployed to the SIEM)
- Management of all security components (SIEM, vulnerability scanner, etc.)
- Weekly status report via email
- Rapid Incident Response in the event of a serious security event
- Advanced Guardrails which provide additional monitoring of compliance requirements
Sherlock Managed Detection and Response may be purchased as an additional service with Compliance Automation on the AWS Marketplace. For other purchasing options please contact Anitian.
Sherlock Managed Detection and Response is for sale on the AWS Marketplace.
For other purchasing options please contact Anitian.
PCI Professional Services Packages
Complete your compliance process with professional services and QSA certification
ROC-pack
- QSA PCI Compliance Assessment
- Issue Report on Compliance (ROC)
- QSA signed Attestation of Compliance (AOC)
- QSA signed PCI compliance certificate
- QSA signed letter for your Acquirer
SAQ-pack
- QSA PCI Compliance Assessment
- QSA signed Self Assessment Questionnaire
Pentest-pack
- PCI network penetration test
- External PCI ASV scans
Also available as stand-alone services. Visit Anitian.com for details.
Sherlock Environment Sizing
Sherlock CA-PCI is available in six convenient sizes. Custom sizes are available from your friendly Anitian Account Executive.
| Product (sizing metric) | Splunk (GB per day ) | TrendMicro (Agents*) | SAINT (IPs scanned) | GitHub (Users) | Puppet (Nodes) | Barracuda (Mbps throughput) |
|
|---|---|---|---|---|---|---|---|
| Environment Size | Micro | 1 | 1 | 64 | 10 | 25 | 100 |
| Small | 5 | 10 | 128 | 10 | 25 | 100 | |
| Medium | 10 | 25 | 256 | 10 | 50 | 200 | |
| Large | 20 | 50 | 512 | 10 | 100 | 400 | |
| Jumbo | 50 | 100 | 1024 | 20 | 250 | 750 | |
| Enterprise | 100 | 250 | 4096 | 30 | 500 | 750 | |
*Each architecture automatically includes 14 endpoint agents to cover the infrastructure components. The number in the table above represents the number of agents you have for your own hosts.
Sherlock CA Pricing
Sherlock is available as a yearly subscription billed through the AWS Marketplace (PCI only).
License Term | |||
|---|---|---|---|
| Environment Size | 1 Year | 2 Years | 3 Years |
| Micro | $65,500 | $117,900 | $163,750 |
| Small | $79,500 | $143,100 | $198,750 |
| Medium | $125,500 | $225,900 | $313,750 |
| Large | $165,000 | $297,000 | $412,500 |
| Jumbo | $295,000 | $531,000 | $737,500 |
| Enterprise | $565,000 | $1,017,000 | $1,412,500 |
Price includes a 60-day onboarding engagement.
Sherlock MDR Pricing
Sherlock MDR is available as an add-on subscription when purchasing Sherlock CA through the AWS Marketplace.
Contact Anitian to expand your MDR service to the rest of your corporate environment.
| Environment Size | Price per Month | 24 Month | 36 Month | Annual in Advance |
|---|---|---|---|---|
| Micro | $6,500/mo | $6,305/mo | $6,175/mo | $74,100/yr |
| Small | $8,250/mo | $8,002.50/mo | $7,837.50/mo | $94,050/yr |
| Medium | $9,950/mo | $9,651.50/mo | $9,452.50/mo | $113,430/yr |
| Large | $16,950/mo | $16,441.50/mo | $16,102.50/mo | $193,230/yr |
| Jumbo | $19,950/mo | $19,351.50/mo | $18,952.50/mo | $227,430/yr |
| Enterprise | $29,500/mo | $28,615/mo | $28,025/mo | $336,300/yr |
Includes 24x7 monitoring, rapid incident response, risk assessment, and advanced guardrails.