• Behavioral attack detection
  • Threat hunting, mitigation and response
  • AI driven self learning


A Software as a Service (SaaS) application that identifies, detects and responds to network-based cyber-attacks in real-time by leveraging our advanced layered AI approach. Using an ensemble of algorithms, CyGlass learns the customer’s network and can detect threats of unknown origin without requiring the set-up of rules or policies.

By leveraging the power of the AI, CyGlass can analyze enormous traffic volumes and complicated network topologies at a fraction of the cost of traditional security solutions. CyGlass threat scoring model empowers information security teams to thwart active threats and prioritize their defenses around their most critical business assets. SOC Analysts quickly gain insight into network threats through CyGlass’ robust investigation and visualization capabilities.

CyGlass uncovers in real-time how advanced cyberattacks are evolving within your network and helps you stop them before they happen.

Proven Military Grade Technology

Incubated in the most rigorous environments over the past decade, CyGlass has unparalleled experience in delivering AI, machine learning and machine reasoning based anomaly detection solutions for strategic cyber defense operations.

No Signatures

CyGlass requires no rules or configuration. Completely self-learning, CyGlass applies an ensemble of algorithms, based on the context of the emerging network behavior, to accurately uncover non-signature based dark threats.

Critical Asset Classification

CyGlass intuitively identifies, understands and classifies which assets are most important to your business. By understanding the value of your assets, our deep machine learning techniques are even more precise when it comes to pinpointing the most critical threats to your network.

Continuously Monitors and Learns

With its continuous self-learning capabilities, the more data CyGlass ingests, the more powerful its dark threat detection precision becomes. CyGlass uses real-time network traffic, log data, and federated intelligence sources in tandem with user and asset data, to identify, visualize, and prioritize how a threat is evolving in real-tme within your network.

Surfaces and Pinpoints Threats

By understanding where your most valuable assets reside and the traffic and users that interact with them, CyGlass is able to direct your analysts’ attention to the threats that are most critical. Our machine reasoning prioritizes and pinpoints the area of concern as a threat is evolving, letting you take pre-emptive mitigative action.

Built for a World without Borders

Dealing with millions of potential nodes, users and devices, and petabytes of data inside and outside your networks requires a highly elastic and scalable architecture. CyGlass SaaS Analytics permits you to leverage either our AWS cloud service or your own private cloud and scales comfortably to millions of nodes. And don’t worry, if preferred, you can also deploy on premise.

Federated Intelligence

External threat intelligence feeds provide valuable insight into the evolution of ongoing cyber threats. CyGlass federated intelligence permits you to ingest additional third party sources of threat information to enrich data sets and enhance threat detection.

Appreciates in Value

CyGlass not only augments and multiplies the capabilities of the human analyst, but also becomes more powerful and accurate in its dark threat detection the more it learns. It is the only security investment you make that appreciates in value over time.

CyGlass Dark Threat Detection supports a comprehensive array of use cases to ensure the attack resilience of your enterprise.

With its unsupervised self-learning algorithms, CyGlass will identify new areas of concern as they emerge and package these automatically into the platform, making your network protection stronger over time.

Unknown Dark Threats

CyGlass detects and focuses your attention on complex multi-faceted attacks and non-signature based threats that pose the highest risk to your enterprise.

Regardless of the phase in the Cyber Kill Chain®, CyGlass will generate prioritized areas of concern and alert your analysts before suspicious activity can manifest itself.

Insider Threat

CyGlass detects malicious insiders, negligent employees and third party contractors by understanding their behaviors in correlation to their peer groups.

Meaningful yet subtle changes from their baseline behavior will be flagged, tracked, and escalated.

Critical Asset Protection

Cyglass understands which assets in your environment are most important.

By understanding the relationships between users, devices, network traffic and the assets, CyGlass determines the value of your assets and prioritizes risk associated with them.

SOC Productivity and Threat Hunting

CyGlass maximizes the productivity of your analysts, by focusing their attention on the threats with the highest risk and greatest potential impact to your organization.

Our targeted threat hunting capability, provides a visual time-based progression of how the threat is evolving and pinpoints the anomalous behavior, permitting quick response and mitigation.

Rogue IOT Devices

Rogue IOT devices have the potential to cause significant damage. They extend the network beyond the traditional boundaries and security controls.

CyGlass detects and prioritizes anomalous behaviors across your IOT network and will identify those devices that present a security risk and are functioning outside the norm.


CyGlass provides you the building blocks to demonstrate to your auditors that you have control of your assets and network.

CyGlass is an integral part of ensuring a strong compliance posture by augmenting your current security controls, integrating to your processes, and providing needed reporting.

contact us

Please do contact us. We most likely respond faster than you thought,