top of page

First Watch Sensor SM

Why First Watch?

First Watch is a concept of using our MISP based threat intelligence data to automatically protect our customers from malware, viruses and phishing activity. The First Watch sensor can detect or block threats. This is a dual use technology that incorporates intrusion detection as well as intrusion prevention to both find and to prevent threats on your network. This inexpensive device does more than our competitors sensors.

The First Watch sensor product protects against 4.2 million different types of malware and virus activity. In addition the appliance can also report to Jigsaw Security for customers that purchase our managed security offerings. All sensors require a subscription to Jigsaw Threat Intelligence for operation.

MISP Integration Module

MISP events are provided to the sensor which automatically protects you from threats on your network. Each signature has an ID which can be researched in Jigsaw Security's MISP instance.

Sensor also detects threats without signatures based on network activity. Heuristic detection finds new and emerging threats.

Community Edition - Watch Only Version with No Protections

Download the Firstwatch CE Edition. This sensor build will only watch your network and report infections. The differences between the CE Edition and the full sensor are listed below:

  • Community Edition only watches your network whereas the Commercial Edition will protect your network

  • Both versions replace or work with your DNS servers to provide visibility into your network name and IP queries

  • The CE edition does not update it's signatures. The Commercial edition connects to Jigsaw Security threat intelligence to stop new and emerging threats as they are discovered by the security community

To download the community edition click here.

Licensed Commercial Edition - Watch, Protect and Disrupt Threats

The Commercial Edition does everything that the CE edition does as well as:

  • Instant updates of Threat Intelligence indicators of compromise from Jigsaw Security's Threat Intelligence Server

  • Updated DNS RPZ to actively stop malware payloads and phishing sites from hurting your workstations and servers

  • Stops threats such as ransomware, phishing, malware and viruses by redirecting bad traffic to clean sites to notify you of the problem as it occurs

  • Includes additional modules that include heuristics detection and AI models to detect unknown and new and emerging threats

  • Cutting edge security technology to help keep end users safe from the most damaging threats.

To purchase a commercial sensor please click here. The commercial version actively stopped attackers in their tracks!

Now that you've test driven a sensor... Subscribe for Security Updates

Test in the Cloud - Deploy Quickly with No Risk or Commitment

To test our solutions you can request that Jigsaw install a cloud enabled version of our sensor. We will provide you with a login and all you need to do to test it is set your DNS to the IP addresses of the instance we configure for your organization. It really is that simple to deploy, simply install and set your DNS servers and your workstations and servers are instantly monitored and protected. Jigsaw will deploy your sensors in our data center.

Hosted Solution - AWS or Azure Hosted Appliance with our Analytic Platform

To get a hosted version of our sensors that run in AWS please contact a sales representative or fill out the form above.

  • Integrated RPZ Server that blocks malicious host destinations

  • Integrated Maltrail based sensor configured on port 8338 (accessed via web browser)

  • Jigsaw Threat Intelligence - Includes some sample data - Near real time updates require a subscription for RPZ and Signatures

  • For information on Jigsaw Security Threat Intelligence

  • Web Based Management (MISP Management of Signatures)

This sensor is used so customers can evaluate our solution only. It may be used for up to 30 days and you are free to modify it for use in your environment. You can also write your own signatures. This VM includes the Jigsaw Security solution for protecting customers using RPZ and detection technology. We detect, disrupt and redirect.... That's what we do! Commercial use requires a valid Jigsaw API key and subscription for real time updates.

bottom of page