a13e.com

What It Is

a13e is a cloud security platform for workloads on AWS, Azure, and Google Cloud. Its core offering consists of two products: Detection Coverage Validator (DCV) and CloudSigma. DCV scans the detection capabilities in cloud environments and maps them to MITRE ATT&CK. CloudSigma converts CVEs, URLs, or threat intelligence text into deployable Sigma detection rules, with output for Splunk, Microsoft Sentinel, Google SecOps, Elasticsearch, and OpenSearch.

Core Capabilities

In terms of protection type, a13e is more focused on “detection coverage management” and “detection engineering” than on traditional perimeter protection or EDR. DCV supports multi-cloud discovery, covering sources such as GuardDuty, Security Hub, Microsoft Defender, Config Rules, CloudWatch, and EventBridge. It also provides coverage gap analysis, ATT&CK heatmaps, coverage trends, and Terraform/CloudFormation remediation templates. For compliance, it can map to CIS Controls v8 and NIST 800-53 and generate audit evidence, though the main materials do not disclose a13e’s own compliance certifications.

CloudSigma’s key strength is converting threat intelligence into rules: it generates output based on 475+ gold rules, 17 platforms, and 5 SIEM formats, and can automatically enrich CVEs with NVD data, vendor advisories, and security research. It is well suited to teams that already have a SIEM but lack sufficient rule engineering resources.

Pricing and Deployment

Pricing is relatively transparent. The free version of DCV supports 1 cloud account and unlimited scans. Individual costs £29/month, expands support to 6 accounts, and adds scheduled scans, alerts, API access, and exports. Pro costs £250/month and supports up to 500 accounts, organization dashboards, and automatic discovery. The free version of CloudSigma includes 20 rules per month, while Pro costs £29/month with unlimited rules. The Enterprise plan supports SSO, SLA, dedicated support, custom integrations, and NET-30 invoicing. For deployment, DCV scans using a read-only IAM role; CloudSigma generates rules from CVE/URL/text input, so the entry barrier is relatively low.

Pros, Cons, and Who It’s For

The main advantage is a clear product workflow: from cloud scanning and ATT&CK coverage to compliance mapping and SIEM rule deployment, it forms a closed loop. The free tier also makes quick validation easy. The drawbacks are that data residency, encryption, permission boundaries, security certifications, support response times, and Chinese-language service are not specified. Team shared rule libraries and audit trails are also not yet available.

It is suitable for mid-sized to large multi-cloud security teams, detection engineering teams, cloud security architecture teams, and organizations that need audit evidence. The main materials provide no information about access from China, so network connectivity, payment methods, and local compliance should all be tested directly. If access is limited, alternatives to consider include cloud provider-native security centers, Microsoft Sentinel, Splunk, Elastic Security, or tools from the SigmaHQ ecosystem.