DetectionFlow is an early-stage company working on the platform we wished we'd had when we were running detection engineering programs ourselves.
The team
Detection engineer and software builder based in Dundee, Scotland. Founded DetectionFlow after watching enterprise security teams repeatedly hit the same wall: detections shipped into production that nobody could prove still worked. Steve leads product, engineering, and design partner relationships.
Our mission
Every enterprise SIEM holds thousands of detection rules. Few teams can confidently answer which of those rules still work, which ones quietly broke after the last log-schema change, and which of the techniques attackers use today have no coverage at all. The result is a detection program measured by activity rather than outcome — and a security posture that drifts in the dark.
DetectionFlow is building the AI-native platform that makes the full detection lifecycle visible and testable: research, authoring, deployment, validation, and continuous coverage measurement against frameworks like MITRE ATT&CK. We're vendor-agnostic by design, so security teams keep the investments they've already made in SIEMs, data lakes, and EDR.
We exist because detection engineering is too important — and too understaffed — to remain a manual craft.