Flarehawk is a security platform that monitors security tools, probes threats, and prompts action. It addresses the challenge of security tools generating thousands of alerts daily by automatically investigating which ones actually matter.
Key features include real-time threat detection, automated investigation capabilities, and one-click fixes for identified threats. The platform offers 5-year log retention, built-in SSO integration, and Slack integration for notifications. It currently supports Cloudflare Enterprise via Logpush, with support for all Cloudflare plans via custom Worker middleware coming soon.
The product uses an approach called the Flarehawk Fabric, a per-tenant ML model that ingests logs, learns baseline behaviors, and scores anomalies against what is normal for each specific environment rather than against generic thresholds. Every customer gets their own model that evolves continuously.
Benefits include automated investigation of security alerts that would otherwise go uninvestigated, context-aware threat detection specific to each environment, and streamlined security operations through one-click fixes. The platform helps security teams focus on meaningful threats rather than sorting through thousands of alerts.
Target users include organizations that use Cloudflare Enterprise and other security tools and need automated threat investigation. The platform integrates with Cloudflare Enterprise initially, with ingestion connections for Microsoft 365, Google Workspace, Okta, and more coming soon.
Updated 2026-02-28
Flarehawk targets organizations that use Cloudflare Enterprise and other security tools and need automated threat investigation. The platform is designed for security teams overwhelmed by thousands of daily alerts who want to focus on meaningful threats rather than manual sorting. It serves customers who need context-aware security monitoring specific to their environment rather than monitoring based on generic thresholds.