Thousands of predefined CSCs

Cyber Observer comes out-of-the-box with 5,000-plus predefined critical security controls. These CSCs are mapped to pre-defined views and are based on industry best practices and recognized cybersecurity standards.

Cyber Observer’s core engine supports two types of CSCs:

Tools type CSCs: These are CSCs that ensure cybersecurity and related IT tools are well-configured, up and running, and performing their functions. This includes module issues, policy issues, agent statuses, scanning issues, licensing statuses, and more.

Security type CSCs: These are CSCs based on vendors’ and industry best practices and recommendations, and cover categories such as administrative privilege issues, password policy Issues, endpoint issues, rules, anomalies, and much more.


Self-assessment and questionnaire capability

The Cyber Observer platform enables organizations to create self-assessments against frameworks and standards.  Organizations can use our out-of-the-box, ready-to-use self-assessments in combination with their own custom-built self-assessments based on their requirements.


Analytics engine

Cyber Observer’s analytics engine continuously monitors all of an organization’s cyber and IT tools to collect highly valuable data which is used to understand normal behavior. Any deviations from normal behavior are flagged with real-time alerts.

This enables relevant stakeholders to easily identify cyber incidents, weaknesses, and quickly manage their mitigation efforts while reducing mean-time-to-detect (MTTD). The engine helps prevent breaches and improves the organization’s cybersecurity posture and maturity on a continuous basis.


Quick and easy implementation

The Cyber Observer platform is delivered in an easy-to-install virtual appliance together with a simple prerequisite manual explaining how to share read-only credentials with the data sources. The platform is typically up and running in 3-4 hours.



Once organizations review Cyber Observer’s out-of-the box views, they can immediately copy, paste, or modify those views, or create an unlimited amount of new views and security domains from scratch. Organizations can also build and add new CSCs. These customizations can be based on critical assets, specific teams, SOCs, auditor needs, locations, and many more categories.


Open API

Cyber Observer’s open API enables information sharing with third-party tools that provide SIEM, automation, AI, and more.


Cloud & on-premises data sources

Cyber Observer can retrieve information from hybrid environments and the platform supports the connection of unlimited on-premises and/or cloud tools and services.



Organizations can implement unlimited Cyber Observer core engines within separate networks and correlate all the data to a MOM (manager of managers) view.


Build your own connectors

Organizations can easily create and add their own connectors to retrieve information from internal and non-commercial data sources.


Historical database

Cyber Observer connectors continuously retrieve CSCs and then save and store the raw data in a historical database. This database allows organizations to keep track of admin activities, firewall rule changes, policy changes, malware definition updates, tool configuration changes, comparison reports, and much more.