gsage is an on-premise SOC assistant that combines AI agents, structured tooling and human review — so security teams can monitor, investigate, triage and respond faster, without handing core workflows to a third-party SaaS.
The community edition is open and free, with usage caps. Enterprise removes those caps, adds private modules, and gives your team a vendor accountable for the deployment — so gsage can run as a load-bearing piece of your security operation.
Hardened, version-pinned integrations for Elastic, Zabbix, GLPI, Microsoft 365, firewalls, EDRs and ITSM. Reviewed, signed and supported by GuardianKey.
Enterprise-only agents and connectors: advanced threat intel feeds, internal CMDB binding, custom approval flows, multi-tenant operation and SSO/IdP integration.
Assisted deployment in your environment, role-based training for SOC analysts and managers, and an SLA-backed support channel directly with the GuardianKey team.
Both editions share the same core engine. Enterprise is for organizations that need vendor support, hardened integrations, and the freedom to scale gsage across the whole SOC.
Every Enterprise integration is version-pinned, security-reviewed and maintained by GuardianKey.
Your logs, tickets and alerts never leave your environment. gsage Enterprise is built for CISOs who need the productivity of AI without the data-residency, audit and compliance trade-offs of SaaS.
No third-party SaaS, no cross-border data flow. Model, logs and tooling all run in your perimeter.
Every prompt, tool call, approval and response is logged with full traceability for incident review and compliance.
Sensitive actions — IP blocks, ticket creation, endpoint isolation — go through structured approvals before execution.
A real partner with a contract, an SLA and a team that owns the outcome — not just a GitHub repo.
Talk to a GuardianKey specialist about deployment, scope and a pilot for your environment.
