Cyberwatch solution

A single platform for effective cyber security management

Cyberwatch enables you to fight against cyber attacks and control the compliance of your information system thanks to its two complementary security solutions: Vulnerability Manager and Compliance Manager. These two solutions, designed to support your IS, integrate seamlessly and easily into your infrastructure, while guaranteeing you total control over data and analysis results.


Ikoula and Cyberwatch support you in managing your vulnerabilities and compliance.

Cyberwatch platform

2 complementary solutions
for corporate cyber security

Map your information system

Cyberwatch enables you to view all your digital assets, including servers, applications, databases and network equipment... With Cyberwatch, you get a clear, centralized view of your infrastructure, making it easier to identify hotspots and vulnerabilities.

Detect non-compliance, continuously

Cyberwatch continuously monitors your information system to identify compliance issues in real time... Thanks to regular automated analyses, the solution checks that your equipment complies with current safety standards and policies. This proactive approach enables faults to be detected quickly and corrective action to be taken swiftly.

Identify the most important assets

Cyberwatch helps you identify the critical assets of your information system, those whose compromise would have a major impact on your business... By classifying your equipment and applications according to their importance, the solution enables you to concentrate your security efforts where they are most needed. In this way, you can maximise risk management by giving priority to protecting the strategic resources of your infrastructure, ensuring the continuity and resilience of your organisation.

Prioritize the most serious breaches

Cyberwatch enables you to prioritize the vulnerabilities identified according to their criticality and the potential impact on your assets... Thanks to a detailed risk analysis, the solution assesses each breach according to its seriousness and the urgency with which it needs to be dealt with. By prioritizing the most critical faults, you can optimize your efforts and resources to quickly correct the most threatening flaws, thereby strengthening the overall security of your information system.

Decide on the actions to be taken

Cyberwatch gives you the information you need to make the right decisions about the measures you need to take... The solution provides you with a comprehensive view of vulnerabilities, criticality levels and the potential impact on your assets, helping you to draw up a precise, prioritized action plan. Whether it's applying patches, reinforcing configurations or putting in place additional monitoring measures, Cyberwatch guides you in proactively and effectively managing the security of your information system.

Correct and control compliance

Cyberwatch makes it easy to apply the patches needed to restore compliance to your information system. The solution helps you automate and plan corrective actions... thanks to its patch management features. It also ensures rigorous monitoring of their application. So you can monitor the effectiveness of the measures taken and ensure that your equipment complies with security standards at all times.

Vulnerability Manager

From detection to correction of vulnerabilities

Vulnerability Manager helps you manage your vulnerabilities by giving you a global and continuous view of your vulnerabilities, with detection, prioritization, and remediation :

  • Have access to a knowledge base of vulnerabilities, hosted within your infrastructure or in SaaS mode,
  • Prioritize risks and receive only relevant information,
  • Identify the vulnerabilities that are easiest to attack and have the greatest impact on your information system.


General architecture

Interaction between your infrastructure and the Cyberwatch Cloud infrastructure
The master scanner downloads the latest vulnerabilities from the knowledge base every hour via an outgoing HTTPS connection, or via a file (air gap environments): no transfer of information about your vulnerabilities leaves your IS.
Cyberwatch's correlation algorithms are updated hourly, based on feedback from a variety of recognized sources:

  • CVE databases (NVd, ANSSI, RENATER, etc.)
  • Exploit databases (ExploitDB, GitHub, Metasploit, etc.)
  • Publisher databases (Microsoft, RedHat, Adobe, SAP, Citrix, etc.)

Scanning procedure

Different flexible scanning modes can coexist. There are 4 main ones:

  • Agentless scan
    • Via SSH / WinRM / SNMP, with key/password authentication.
  • Scan with agent
    • Via a lightweight agent installed on the target, deployment via package or MSI.
  • "Offline" scan
    • Extraction of Cyberwatch scan scripts and execution on targets at your convenience.
  • Scan of ports/websites
    • Via domain name / IP entry, scans via TCP / UDP and web requests.


Encyclopaedia of vulnerabilities

A comprehensive database of information on embedded vulnerabilities
The Vulnerability Manager solution natively integrates a vulnerability encyclopaedia with detailed information and hourly updates. You'll find security alerts from publishers, public attack kits available and much more information that you can browse by filtering:

  • By CVE code,
  • By exploitability,
  • By CVSS score and many others.

Scope of coverage

Vulnerability Manager is a solution that can cover a very broad scope, including:

  • Workstations (fixed and mobile)
  • Servers (VMs, physical servers, hypervisors, etc.)
  • Network equipment (routers, switches, firewalls, etc.)
  • Containers (images, instances)
  • Websites (URLs, IP addresses, etc.)
  • Industrial equipment (PLC firmware)
  • Software libraries (development modules)

Compliance Manager

The compliance control tool that adapts to your requirements

Cyberwatch Compliance Manager is an optional add-on module to the Vulnerability Manager solution.
It helps you define and achieve your compliance objectives, based on international or customized benchmarks, with total simplicity:

  • Managing your compliance is simplified,
  • The solution adapts perfectly to your Information Systems Security Policy,
  • You are free to use standard market repositories, or to create your own compliance rules.


General architecture

Interaction between your infrastructure and the Cyberwatch Cloud infrastructure
Data is updated by synchronizing the latest rules via an HTTPS link (outgoing flow) or via a file to be imported: no transfer of information on your security status leaves your IS.
Cyberwatch's correlation algorithms are updated hourly, based on feedback from a variety of recognized sources:

  • Compliance standards (CIS, ANSSI, publishers, etc.)
  • Catalogue of best practice rules (Cloud service providers, customer feedback, etc.)


Scanning procedure

Different flexible scanning modes can coexist. There are 3 main ones:

  • Agentless scan
    • Via SSH / WinRM / SNMP / Cloud API / LDAP, with key/password authentication.
  • Scan with agent
    • Via a lightweight agent installed on the target, deployment via package or MSI.
  • "Offline" scan
    • Extraction of Cyberwatch scan scripts and execution on targets at your convenience.

Scope of coverage

Compliance Manager is a solution that can cover a very broad scope, including:

  • Workstations (fixed and mobile)
  • Servers (VMs, physical servers, hypervisors, etc.)
  • Network equipment (routers, switches, firewalls, etc.)
  • Containers (images, instances)
  • Cloud environments (base configurations)
  • Microsoft Active Directory

What are the advantages

of the Cyberwatch platform?

Continuous analysis

Continuous vulnerability and compliance scans give you a real-time overview of security levels.

Flexible deployment

The solution can be deployed with or without an agent, or in offline mode for the most sensitive environments.

Simple integrations

Integrations can be made via the Cyberwatch REST API using different clients, or via a third-party REST API of your choice.

Confidentiality

Deployment takes place within your IS, on a local or Cloud infrastructure - no information is sent to the external environment.