Edge security · Built in Ireland

Detect·validate·contain.
One appliance. One pipeline.

Plug-and-play Edge-deployed Eight-state classification Auditable AI

A plug-and-play security control platform on a single edge appliance — it self-configures on deployment, then tells you, in plain language, what’s happening on your network and what to do next. Decisions are deterministic. AI is the explanation layer. Both are auditable.

Book a demo See how it works
The portal

This is what your team sees.

One unified surface. Three views — Executive, IT Detail, Control. Every score traceable back to the data behind it.

portal.cybervigilpro.com
The CVP Portal Executive view — security score, AI activity, change cards, and the prioritised action list

The Executive view — every customer’s landing page. Score, AI activity, change cards, prioritised action list. One click into any element shows you the data and the logic behind it.

What CVP is

An edge-deployed security control platform.
One appliance. One pipeline.
Detect. Validate. Contain.

For MSPs & resellers

Built channel-first.

Most security platforms are sold direct first and adapted for the channel later — the seams show. CVP is built channel-first. Every architectural decision was made to make the partner economics work.

CVP wins when its partners win. The platform is the thing CVP sells; the customer relationship belongs to the partner.

— CVP commercial principle
Three engagement models
Referral Reseller MSP-operating

Per-customer isolation

Every customer runs in their own dedicated AWS account. Data does not cross customer boundaries. By design.

Unified fleet view

One console showing every customer’s devices, states, and active issues. You see what you need; each customer sees only their own.

Choice of SOC operator

Operated by your team or by ours. Same platform, same pipeline — your choice of who runs the watch.

No AWS required

Partners onboard customers without needing AWS console access. The platform handles provisioning end-to-end.

How the platform works

Three pillars. One pipeline.

A single appliance runs the full sensing, validation, and response loop at the network edge — and a portal turns that into plain-language answers.

01 / Sense

Detect

Continuous packet-level inspection, asset discovery, and vulnerability scanning. Built on field-proven engines, configured for safety on production networks.

  • Network IDS
  • Asset inventory
  • Vulnerability scanning
  • Behavioural baselining
02 / Correlate

Validate

A proprietary correlation engine — patent-protected — joins detection signals with vulnerability state to filter noise and surface what genuinely matters.

  • Signal + vuln correlation
  • Eight-state classification
  • Deterministic scoring
  • Auditable logic
03 / Respond

Contain

From clear alerts and guided playbooks up to a customer-defined pathway for rapid, pre-authorised automated containment on the scenarios you choose.

  • Prioritised alerts
  • Guided response
  • Containment pathway
  • Customer-defined scope
The Eight-State Surface

Every device. One of eight states.

Instead of drowning in alert lists, every asset is continuously classified into one of eight defined states — ranked by priority, scored deterministically, and explained in plain language.

01 / Highest priority

Critical Exposure

Known-exploited vulnerability on a device with active inbound traffic.

02

Active Threat

An IDS signature is firing right now against this device.

03

Vuln + Active Traffic

Known vulnerability on the device and traffic is reaching it.

04

Outside Boundary

Device is on the protected segment but outside its expected boundary.

05

Blind Spot

A device is present that we cannot fully fingerprint or assess.

06

Suspicious Behaviour

Activity that deviates from the established baseline for this device.

07

Policy Violation

A defined policy rule has been breached — not a threat, but an exception.

08 / Steady state

Healthy & Compliant

No detected exposure, no active signal, behaviour matches baseline.

portal · IT Detail view
The eight-state surface rendered in the CVP Portal — each state with device count and severity colour

The eight-state surface in the portal. Each card expands into a per-device drawer with the full evidence trail — what fired, when, why this device is in this state.

The AI Trust Layer

AI explains.
AI doesn’t decide.
Both are auditable.

Every score CVP gives you is calculated by a deterministic engine you can audit line by line. AI is used only to translate those findings into plain-language explanations — and every explanation carries a full provenance trail.

  • Deterministic Scoring and classification logic is rule-based and reproducible. Same inputs, same answer.
  • Explained AI generates the narrative you read in the portal — never the decision behind it.
  • Provenanced Every AI-generated narrative records its model, tokens, timestamp, and source data.
  • EU-aligned Designed against the EU AI Act framework. AI is assistive — never the system of record.
Score calculation tooltip — the score is a deterministic ratio, not an AI judgement
Deterministic by design The score tooltip — visible from any card in the portal. Every figure traces back to its source query and the rule that produced it.
AI provenance footer — model, tokens, timestamp, narrative version for every AI-generated explanation
Provenance, always Every AI-generated narrative is signed: model, tokens in/out, timestamp, narrative version. CISOs and auditors get the trust signal they look for.
The AI you ask

Meet the Guardian.

A conversational AI that lives in the portal. The Guardian reads the same data the dashboards show and answers questions about your network’s actual state — in plain language.

Suggested one-tap questions
  • Why is my system at risk?
  • What should I fix first?
  • Explain the router issue simply
  • Is the AI usage dangerous?
  • Are my other devices safe?

How it works. The Guardian explains findings the deterministic engine has already classified — it does not invent them. Every answer carries the same provenance trail as every other AI artefact in the portal.

The CVP Guardian in the portal — chat panel with one-tap questions and a plain-language answer about the customer's network state
Choose your level of operational coverage

Same platform. Three support levels.

The platform is the platform. What changes is how much of the operational lift sits with us versus your team — and whether automated containment is enabled, scoped to scenarios you pre-authorise. Managed and Active-Containment can be operated by your channel partner.

Platform

Self-driven

Full platform access. Your team operates the portal, triages alerts, and runs response.

  • Edge appliance & portal
  • All eight-state classification
  • Vulnerability + IDS pipeline
  • AI-generated narratives
  • Full audit trail

For teams with established SOC capability and capacity.

Managed

Operated with you
Channel-deliverable

Everything in Platform, plus our team monitoring with you — triage, escalation, and a defined response SLA.

  • Everything in Platform
  • Monitored triage & escalation
  • Defined response SLA
  • Onboarding & tuning
  • Quarterly posture reviews

Most chosen. The sweet spot for distributed teams and channel-delivered service.

Active-Containment

Operated & actioned

Everything in Managed, plus a customer-defined pathway to pre-authorised automated containment for the action surface you choose.

  • Everything in Managed
  • Pre-authorised action surface
  • Customer-defined scope
  • Rapid containment response
  • Every action audit-logged

For environments where speed-to-containment is the priority and a scoped action surface is acceptable.

Where it works

Built for the distributed reality of modern enterprise.

A single appliance and a managed pipeline are designed to close the visibility gap created by remote work, third-party access, and rapid corporate change.

Third Party & BPO

Extend visibility to vendors and partners without deploying agents inside their estate.

Remote Offices

Enterprise-grade security at branch and satellite sites without a local IT team.

Remote Workforce

Protect employees working from home or on the move with a small, plug-and-play appliance.

Mergers & Acquisitions

Rapid posture assessment and continuous monitoring of newly acquired entities.

The edge appliance

One small box. Three sizes.

The same software pipeline runs on every model. Pick the size that matches the site, choose the wireless mode that matches the site’s existing infrastructure.

Small site

Edge S

1 – 20 devices · integrated Wi-Fi

For remote offices, home installations, and small distributed sites. Wi-Fi is built in — plug it in and it’s ready.

Mid-size site

Edge M

Up to 200 devices · decoupled wireless

For mid-size offices, mixed wired/Wi-Fi environments, and most third-party sites. Works alongside existing Wi-Fi from major vendors or with CVP-supplied access points.

Larger site

Edge L

Up to 500 devices · decoupled wireless

For larger sites and headquarters environments. Same wireless options as Edge M — keeps the wireless story consistent at scale.

0%+
of employees work outside the traditional perimeter
0%
surge in supply-chain attacks in three years
0%
fewer alerts to triage — correlation filters the noise
EU headquartered Enterprise Ireland PSSF EU AI Act framework
Trust signals built into the platform

See the platform for yourself.

A short walkthrough of the appliance, the eight-state surface, and the AI-explained portal — shown live on a CVP reference system.

Book a demo Explore the platform