Technology

About the probe

Cryptomage Cyber Eye™ – a Network Detection and Response – class network probe is much more than a simple traffic flow analytics tool. It provides real-time, network-based anomaly detection and prediction powered by low-level network protocol, machine learning (ML), and artificial intelligence (AI) algorithms. As a result, organizations can identify, monitor, and triage traffic flows, connections, and potential malicious events.

Cryptomage Cyber Eye™ probe provides security teams with excellent protection and automates processes to detect and prevent threats, allowing them to manage their time and resources efficiently.

Cryptomage Cyber Eye™ NDR class probe is custom network equipment based on proprietary algorithms of Artificial Intelligence.

Architecture

Cryptomage Cyber Eye™ is built on a flexible and scalable architecture designed for comprehensive network visibility across hybrid IT environments. It supports both on-premises and cloud deployments through a range of physical and virtual sensors that integrate seamlessly into existing infrastructure.

Sensor Deployment

Cryptomage Cyber Eye™ traffic collectors are available in multiple form factors to match the needs of modern enterprise networks:

  • Physical sensors for data center or branch-level deployment via TAP/SPAN ports.
  • Virtual sensors for private cloud environments and virtualized infrastructure.
  • Cloud-native instances designed for public cloud platforms, enabling seamless monitoring of virtual networks.

These sensors are capable of ingesting network packets, enabling detailed inspection and behavioral analysis at various levels of granularity.

Full Traffic Visibility

Cryptomage Cyber Eye™ is engineered to capture and analyze traffic across the entire enterprise topology:

  • North-South traffic: Monitors ingress and egress flows at network boundaries, ensuring threats attempting to cross the perimeter are detected.
  • East-West traffic: Observes internal communications between devices, segments, and virtual networks to uncover lateral movement, internal reconnaissance, and post-compromise activities.

Strategic sensor placement and intelligent traffic routing ensure full coverage of both perimeter and internal network zones.

Intelligence at the Edge

Each sensor performs local traffic analysis, extracting metadata and breach signals in real time. This enables rapid detection of anomalies without requiring full payload centralization—preserving bandwidth and improving detection latency.

For deep inspection, raw packet data and enriched flow logs are forwarded to the central analytics engine, where advanced AI and ML models correlate and evaluate traffic patterns across the entire environment.

Below, you’ll find information about the most important modules of the probe.

Threat detection

Threat detection provides deep inspection of every single network packet, including transported data, with:

  • Network protocol discovery and validation – easily check unknown and hidden protocols
  • Machine learning algorithms – to score traffic risk proactively.

Event management

Event management with full SIEM, SOAR and NGFW integration and export thresholds

  • Risk scoring of each event and host – effective triaging of threats
  • Built-in analytic tools and charts – inform and guide ongoing event management
  • Configurable event triggers – giving you control over certain packets or events when needed

Network monitoring

Network monitoring with proprietary flow metadata formats that go beyond traditional network flow analysis:

  • Protocol behavior and anomaly statistics – wider understanding of traffic flow and behavior
  • Passive mode option – operations don’t interfere directly with the network traffic

Forensics

Forensics to better measure the ratio of security events against the source of traffic:

  • Extraction of high-risk network traffic – easy to analyze and focus on specific threat levels
  • Storage of processed traffic metadata in extended format – faster trend analysis

GDPR

Personal data leak detection

  • Inspection of network packets to detect transmission of personal data such as ID numbers, social security numbers, and bank account numbers
  • Report generation for the Data Protection Officers

If you would like to get new levels of business network security with improved ROI, get in touch with us now (info@cryptomage.com) or (+48 71 757 55 69), and we will respond to your inquiry within 24 hours.

Contact us
X