All features

Mobula · System Pulse

Know your blind spots
before the
attacker does.

A silent connector means you're flying blind. Mobula continuously watches every data source and connector, flags the ones that went quiet, and tells you before a gap becomes an incident you never saw coming.

32
Connectors monitored
29
Healthy right now
3
Need attention
System Pulse / Connector overview
Microsoft Sentinel
SIEMHealthy2s ago
CrowdStrike EDR
EDRHealthy4s ago
Palo Alto NGFW
FirewallHealthy8s ago
Okta Identity
IAMDegraded14m ago
AWS CloudTrail
CloudSilent2h 8m ago
Syslog - DMZ servers
LogHealthy1s ago
Tenable.io
Vuln ScanStale6h ago
01

Every source. Continuously watched.

Mobula monitors every connected data source for activity, latency, and event volume. It knows what normal looks like for each connector - and flags the moment something deviates. Not just "is it connected?" but "is it actually sending the events we expect?"

Connector Health / 28-day uptime
Microsoft SentinelSIEM
CrowdStrike EDREDR
Palo Alto NGFWFirewall
Okta IdentityIAM
AWS CloudTrailCloud
Syslog - DMZLog
Tenable.ioVuln Scan
HealthyDegraded / StaleSilentNo data
02

Mobula tells you. Before the gap matters.

When a connector goes quiet, Mobula doesn't wait for an analyst to notice. It creates a system alert, assesses which detection categories are now blind, and tells you exactly what visibility you've lost.

System Alerts / Connector events
02:11
SilentAWS CloudTrail - no events for 2h 8m
Last event at 00:03. Expected cadence: every 60s. Cloud activity is now invisible - privilege escalation, data access, and IAM changes will not alert.
Cloud coverage lost
01:47
DegradedOkta Identity - event rate 78% below baseline
Receiving 12 events/min vs. expected 54. Authentication anomalies and impossible travel detection are degraded.
Identity coverage degraded
21:30
StaleTenable.io - last scan result 6h ago
Vulnerability data is stale. New CVEs published since last scan will not be correlated with active alerts.
Vulnerability correlation stale
14:22
ResolvedCrowdStrike EDR - connectivity restored
Brief degradation at 14:09 (13 min). All EDR telemetry resumed. No alerts were missed during the window.
No coverage gap
03

See exactly what you can and can't see.

Mobula maps your active connectors to detection categories. At a glance you can see which attack surfaces are fully monitored, which are partially covered, and which are completely dark - so you know where to act first.

Coverage Map / Detection categories
Endpoint
CrowdStrike EDR
Syslog - DMZ
Full coverage
Network
Palo Alto NGFW
NetFlow
Full coverage
Identity
Okta (degraded)
AD Event Logs
Partial - Okta degraded
Cloud
AWS CloudTrail (silent)
BLIND - no events
SIEM Correlation
Microsoft Sentinel
Full coverage
Vulnerability
Tenable.io (stale)
Stale - 6h old data
04

Full connector history for every audit.

Every gap, every degradation, every recovery - logged with timestamps and impact assessment. When an auditor asks "was your EDR online during this incident?", you have a precise answer.

Connector History / Last 30 days
Overall uptime
98.7%
Incidents logged
9
Total gap time
3h 41m
Avg recovery
18 min
AWS CloudTrailSilent - no events02:11 todayOngoing2h 8m+
CrowdStrike EDRDegraded connectivity14:09 yesterday14:2213 min
Okta IdentityEvent rate drop01:47 todayOngoing2h 32m+
Tenable.ioNo new scan results21:30 yesterdayOngoing6h+
Palo Alto NGFWPacket loss spike09:14 Jun 2209:31 Jun 2217 min

Every connector · continuous monitoring · full audit history

Stop finding out about
gaps after the incident.

Mobula watches every data source so you don't have to. When something goes quiet, you know immediately - with a clear picture of exactly what visibility you've lost and what it means for your coverage.

Book a POCSee all features
Mobula SOAR · system pulse · 28-day connector history