early access · request a demo · talk to us
10+ connectors live · uk-hosted · changelog
about · why this exists

Built for the infrastructure you actually have.

Most CAASM platforms were designed for cloud-native organisations. We weren't. EtherSight is for security teams running real estates — Microsoft 365 plus on-premises virtualisation, branch UniFi, an aging SolarWinds Orion, a FortiGate cluster everyone's afraid to touch. The estates that don't fit neatly into a SaaS-only inventory tool.

values · how we operate

A short list of opinions we hold.

/ 01
Visibility before automation.

You can't automate what you can't see. We invest in inventory and correlation first; the action centre is the second-order effect of getting the asset graph right. If the graph is wrong, the actions are wrong.

/ 02
No bluffed badges.

Compliance status is published and dated. Aligned means we operate to the standard but haven't been audited. Compliant means we have evidence. Planned means it's on a roadmap with a target window. Anything else is marketing, and we don't do marketing on the trust page.

/ 03
Boring primitives.

PostgreSQL Row-Level Security. AES-256-GCM. OIDC + PKCE. JWT with refresh-token replay detection. We pick well-understood building blocks and apply them carefully, then have them audited. Exotic crypto is for research, not for security buyers.

/ 04
Sales-led, on purpose.

EtherSight is quoted against your real estate, not a rate-card. We'd rather understand your connectors, asset count and residency needs before sending a number than ship a price that doesn't fit. The proposal you get reflects what you actually need, with the scope on the page before we ask for a signature.

/ 05
A real MSP SKU.

Most CAASM platforms make MSPs negotiate against an enterprise rate-card for the privilege of reselling. We don't. The MSP tier is a real, distinct SKU with multi-tenant management, a per-tenant billing model, and white-label support. Channel partners aren't an afterthought.

/ 06
UK first, by design.

Built in Britain. Hosted in Britain. Designed and operated by people who live under UK GDPR and the Data Protection Act 2018. EU and US dedicated tenancy comes when there's real demand to anchor it — not as a marketing claim ahead of capability.

story · the why

The wedge: infrastructure CAASM.

EtherSight grew out of a frustration that anyone who's run a mid-market security operation will recognise. The leading asset-inventory tools all assume cloud-native infrastructure: containerised workloads, SaaS identity, cloud-only firewalls. They're excellent at that.

But most organisations aren't cloud-native. They run Microsoft 365 alongside an on-premises file server, a Proxmox cluster behind the firewall, a SolarWinds Orion that's been there for a decade, a UniFi network across three branches, and a FortiGate cluster the network team won't let security touch. The asset graph for that estate is fragmented across tools that don't talk, owned by teams that don't share dashboards.

The result is the same risk picture every security review surfaces: which endpoints are missing EDR? which servers haven't been patched? which firewall rules nobody can justify? — answered by spreadsheet, every quarter, with caveats.

EtherSight is the platform we wanted in that role. One asset graph across endpoints, network, firewall, virtualisation and identity. Live risk grading against the controls that actually matter. An action centre that closes the loop with ServiceNow.

It's an opinionated tool. It assumes you have real infrastructure, that you read the small print, and that you'd rather have a published roadmap than a polished pitch. If that's not you, you're probably better served by one of the cloud-native CAASM platforms — they're good at what they do. If it is you, we'd like to show you yours.

an ether-x product

EtherSight is part of Ether-X.

Ether-X is a UK-based software group building opinionated tools for technical buyers. The shared brand foundation — Plus Jakarta Sans, Inter, JetBrains Mono, the cyan/violet/amber palette — is consistent across the group. Each product carries its own product-coded accent (EtherSight is Flare Amber; XeoNote is Prism Blue).

The group operates as a plural "we" because that's how it operates. We don't quantify headcount on the marketing site, because headcount tells you nothing about whether a product fits your estate. The audit summary, the architecture diagram, and the published roadmap will tell you that.

Visit ether-x.com

Want to see your own attack surface?

Request a demo. We'll bring the connectors; you bring an hour and the credentials.

Request a demo Security overview