Fast Answers

Threat Monitoring

Zero compromise when securing your data

Protect your online business assets with Threat Monitoring from UKFast. Our solution is built in-house by the same security specialists who answer your support calls, so your business has never been more secure.

It works to deliver the following services:

What is Threat Monitoring?


Threat Monitoring uses agents installed on each of your servers, which continuously analyse data to distinguish between potential security breaches and normal activity. It works to deliver the following services:

  • Host-based Intrusion Detection and log file collation
  • Vulnerability scans
  • File integrity monitoring
  • Rootkit detection

Log Files

UKFast provides a default list of logs and events customised for your environment on a discovery day with a UKFast security analyst. If any of the 2000 rules created are triggered, an alert is sent to our internal security team and the appropriate action taken. Summary reports and detailed log files are available for analysis and compliance purposes.

What do the alerts look like?

Alerts are categorised into four levels;


Low level events are expected during day-to-day use. Low level events vary from failover events to Windows audit success / failures for Kerberos tickets. These events are logged and reported for reference.


Normal events include user activity that is expected but is still monitored. These are events such as successful logins from IPs that are expected and during normal hours.


High-level alerts may need immediate investigation, such as successful logins from unknown IP addresses and changes to user account permissions. These events should be infrequent and not ignored.


Critical alerts are indicators of a system compromise and need to be investigated immediately. Critical alerts could include successful logins after failed attempts, modifications to core system files, and modifications to payment gateway files.

Threat Monitoring with Response

Threat Monitoring is the first layer of monitoring and protecting your IT environment, and Threat Response ensures that threats are mitigated.

With Threat Response you get access to our dedicated security team who will respond and help mitigate your threat alerts with full transparency.

We will work closely with you to give full visibility of the mitigation approach, and implement this with your agreement.

Feature Threat Monitoring With Response
Threat Alerts
Host-based Intrusion Detection
Vulnerability scans
File integrity monitoring
Rootkit detection
Proactive Response
Mitigation Advice
Fix Implementation

Speak to a Threat Monitoring specialist

Why use Threat Monitoring?

Early Detection

Our Threat Monitoring system alerts you of any breaches to your IT in real time.


Minimise the chance of your data being stolen and defend your web applications.


Create bespoke rule sets for your monitoring solution.

Always Available

Guaranteed 100% network up time, ensuring your business is always online.

Mitigating Alerts

With Threat Response, threats to your infrastructure will be mitigated accordingly.


Detailed reports and live alerting through email, SMS and MyUKFast.

Certifications and Industry Compliance

Crown Commercial Service
Carbon Neutral
ISOQAR Registered

Your solution is only ever housed in our IL4 and ISO-accredited, ultra-secure data centres. And as an exclusively UK-based company, hosting with UKFast offers guaranteed data sovereignty. UKFast is a government approved supplier through the G-Cloud 9 framework.

Need more information

Speak to a threat monitoring expert on 0800 458 4545

Read our consent T&C's