Our philosophy is driven by the fact that the only reliable and true source of information to indicate an emerging threat or ongoing cyber attack is network traffic. Unlike legacy security solutions, CyGlass is self-learning and adaptive, and requires no rules, signatures or configurations to detect unknown advanced cyber threats.

 CyGlass covers your entire network; on premise, as well as private and public clouds. Any hardware or virtual host with an IP address is continuously monitored without exception. Desktops, laptops, servers, printers, smart phones, BYOD, IOT devices are all captured and assigned criticality values based on the behaviors, users and services interacting with them.

Discovers and Learns

CyGlass provides you with the intimate knowledge of your network you need to effectively defend against advanced cyber threats.

CyGlass ingests real-time network traffic, historical log data, as well as federated sources of data and connects those to your users and assets to provide a comprehensive visual mapping of your environment.

By analyzing users and behaviors of your network interacting with those assets, CyGlass understands which assets in your environment are most critical to protect.

Predicts and Prioritizes

Leveraging an ensemble of algorithms based on machine reasoning, and deep machine learning techniques, CyGlass emulates human analyst thinking and contextualizes the nature of the threat in relationship to the value of your assets.  

Web and DNS activities, masqueraders, credential compromise, rogue behaviors, low and slow, low and fast, insider threats, lateral movement, and exfiltration are all surfaced, correlated, and prioritized by CyGlass into areas of concern.

Pinpoints and Mitigates

Areas of concern guide analysts to focus on those emerging threats which pose the greatest risk and organizational impact.

A visual timeline mapping of the evolving threat, allows analysts to drill down into the context of the threat for pre-emptive remediation.

Integration into your incident response workflows and other tooling ensures you can leverage your existing infrastructure and processes.


Convenient, cost-effective, and scalable are the foundational principles of CyGlass architecture.

CyGlass Analytics can be deployed as a SaaS in AWS or deployed in your own private cloud or on premise.

Our lightweight collectors can be deployed either as virtual or hardware appliances.   

Comprehensive Use Case Support

CyGlass Dark Threat Detection supports a comprehensive array of use cases to ensure the attack resilience of your enterprise.

With its unsupervised self-learning algorithms, CyGlass will identify new areas of concern as they emerge and package these automatically into the platform, making your network protection stronger over time.

Unknown Dark Threats

Uncover non-signature based dark threats that have evaded traditional security controls

Insider Threat

Identify suspicious lateral movements to pre-empt data exfiltration or intellectual property destruction

Critical Asset Protection

Generate business risk understanding based on the network behaviors interacting with your assets

SOC Productivity and Threat Hunting

Minimize alerts and pinpoint threats with the highest risk and impact to your business

Rogue IOT Devices

Capture misconfigurations and exposures


Ensure control over your network and critical assets

View Use Cases
Product Resources Request A Demo