ZaunDocs

FAQ

Frequently asked questions about Zaun's platform and services.

General

What is Zaun?

Zaun is an AI-enabled managed security platform that provides forward-deployed security engineering. Unlike traditional MDR providers that only triage alerts, Zaun builds custom detections, writes runbooks, and ships new coverage weekly, all tuned to your specific environment.

How is Zaun different from a traditional MDR?

Traditional MDR providers use generic detection rules and focus on alert triage. Zaun provides:

  • Custom detection engineering built for your environment
  • Documented runbooks for every detection
  • Full investigation transparency: you see exactly what ran and why
  • Weekly coverage shipping: new detections deployed continuously
  • A dedicated FDSE who knows your environment

What is a Forward Deployed Security Engineer (FDSE)?

Your FDSE is a dedicated security engineer assigned to your account. They build custom detections, tune existing rules, write runbooks, and review findings, all specifically for your environment. Think of them as an extension of your security team.

Platform

What data sources does Zaun support?

Zaun integrates with major cloud providers (AWS, GCP, Azure), identity providers (Okta, Entra ID, Google Workspace), EDR platforms (CrowdStrike, SentinelOne, Defender), and SaaS applications. See our Integrations page for the full list.

Where is my data stored?

Your data is stored in a dedicated data lake instance. All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Data retention policies are configurable per customer.

Is Zaun SOC 2 compliant?

Yes. Zaun is SOC 2 Type II compliant. Contact us for our latest SOC 2 report.

Can I use Zaun alongside my existing MDR?

Yes. Many customers use Zaun alongside their existing MDR. Zaun's detection engineering and runbook documentation complement traditional MDR alert triage, giving you deeper coverage and more transparency.

Getting Started

How long does onboarding take?

Most customers are fully onboarded within 1-2 weeks. Initial findings begin appearing within days of connecting your first data sources.

What do I need to get started?

You'll need:

  • Admin access to the cloud services and identity providers you want to monitor
  • A designated point of contact for your FDSE
  • An active Zaun account (contact [email protected])

How do I contact support?

Integrations

Connect your existing security tools and cloud services to Zaun.

On this page

GeneralWhat is Zaun?How is Zaun different from a traditional MDR?What is a Forward Deployed Security Engineer (FDSE)?PlatformWhat data sources does Zaun support?Where is my data stored?Is Zaun SOC 2 compliant?Can I use Zaun alongside my existing MDR?Getting StartedHow long does onboarding take?What do I need to get started?How do I contact support?