Cyber Security Center

⚠ Full article available in French only — translation in progress.


Cybelia Cloud Security — SME cybersecurity supervision portal multi-tenant
Portail multi-tenant de supervision cybersécurité

Cybelia Cloud
Security — Portail de supervision

Detection, compliance, response. Everything that happens on your fleet, seen, qualified and handled from a single portal. EU-hosted, native GDPR, native multi-organisation.

👤 IT Director & Responsables IT 📋 Executives & DPO 🔍 Auditeurs & CISO 🏢 MSP & Distributeurs
Cybelia Cloud Security is a multi-organisation web portal that centralises the cybersecurity supervision of your fleet: real-time alerts, CVE vulnerabilities, compliance scores (CIS, GDPR, NIS2, ISO 27001…), automated response playbooks, Cybele AI assistant and monthly PDF reports. Each organisation has its own isolated space, its own reports, its own rules. Hébergé en EU, RGPD natif.
Sommaire
01Périphériques supervisés 02Alertes & Incidents 03Vulnérabilités CVE 04Compliance & SCA 05Playbooks automatisés 06Cybele AI & Tasks 07Rapports PDF 08Security du portail 09Multi-organisations 10Deployment de l'agent 11Cluster & scalabilité 12Rôles & Droits
24/7
Monitoring continue
< 60 s
Délai de détection
10+
Référentiels conformité
100 %
Isolement multi-org.
ℹ️
Comment lire cette documentation ?
Chaque section présente deux colonnes : Ce que vous faites (actions utilisateur) et Ce que le système fait (traitement automatique). Les encadrés Pour le dirigeant reformulent l'essentiel sans jargon technique. Adressée en priorité au IT Director / IT Manager et au Executive / DPO.
01 — Périphériques supervisés

Full visibility on every device in your fleet

Workstations, servers, network devices: every machine where the Cybelia Security agent is installed reports in real time to the portal. Unified view across sites and OSes.

Ce que vous faites
  • Access the list from the menu Périphériques
  • Filtrez par statut, OS, société ou site
  • Click on a device for its full detail
  • Launch an SCA scan from a device's record
  • Consult alerts associated with this device
Ce que le système fait
  • Synchronises the state of each agent in real time (active / disconnected / offline)
  • Collecte les métadonnées : OS, version, IP, hostname, dernière vue
  • Geolocates equipment with public IP on the interactive map
  • Alerte si un agent ne répond plus après N minutes (paramétrable)
  • Cloisonne par société et par tenant — aucune fuite inter-organisations
🖥️Exemple — liste des périphériques
SRV-PROD-01ActifUbuntu 22.04 · 192.168.1.10 · Vu il y a 2 min
PC-RH-DUPONTActifWindows 11 · 192.168.1.45 · Vu il y a 5 min
LAPTOP-MARTINDéconnectémacOS 14 · Hors connexion depuis 4h12
SRV-BACKUP-03Hors ligneNon vu depuis 7 jours
💡
Pour le dirigeant : you know at any time how many devices are operational and which have dropped off. An unmonitored device is a blind spot. The portal eliminates these blind spots.
02 — Alertes & Incidents

Detect, qualify, handle — in that order

The portal centralises all alerts from the detection engine. Each alert is classified by criticality, can be marked as a false positive (the AI propagates the rule), and can trigger a playbook.

Ce que vous faites
  • Consult the table from the menu Alertes
  • Filtrez par criticité, équipement, période, type d'attaque
  • Marquez une alerte comme faux positif — the rule is propagated and Cybele updates its recommendations
  • Déclenchez un playbook depuis la fiche
  • Assign or comment for team follow-up
Ce que le système fait
  • Classe : Critique Élevé Moyen Faible
  • Corrèle les événements multi-équipements (campagnes d'attaque)
  • Déclenche les playbooks configurés en réponse
  • Notifies by email and/or Telegram depending on criticality
  • Sur faux positif : auto-résolution pending AI recommendations matching the same rule
  • Historique horodaté complet pour audit
🔔Exemple — flux d'alertes du jour
CritiqueBrute force SSH — 47 tentatives en 90 secondesSRV-PROD-01 · 14:32
ÉlevéModification de /etc/passwd détectée (FIM)SRV-SQL-02 · 13:18
ÉlevéÉlévation de droits non autoriséePC-RH-DUPONT · 11:05
MoyenPort scan depuis 185.220.101.x (TOR exit node)FW-BORDEAUX · 09:44
FaibleUser account inactive for 90 daysAD · 08:00
🔍
Types détectés : brute force (SSH/RDP), privilege escalation, FIM (critical file modifications), lateral movement, malicious code, exfiltration, port scans, CVE exploitation, abnormal behaviour.
03 — Vulnérabilités CVE

Identify vulnerabilities before they are exploited

Continuous inventory of installed software, cross-referenced with public NVD, OVAL and OSV databases. CVSS score, patch and priority (known public exploit) on every CVE.

Ce que vous faites
  • Menu Vulnérabilités
  • Filtrez par équipement, CVSS, logiciel, statut
  • Détail : description, impact, version corrigée, vecteur
  • Export the list for your team or provider
Ce que le système fait
  • Inventories all installed packages and versions
  • Croise en continu avec NVD, OVAL, OSV (bases publiques)
  • Attribue le score CVSS 3.x (0-10)
  • Identifie la version corrigée disponible
  • Priorise les CVE avec exploit public connu actif
  • Updates the status as soon as the patch is installed
⚠️
Score CVSS : 0 to 10. ≥ 9.0 = Critical (exploitation possible without authentication). 7.0-8.9 = High. The portal prioritises by active public exploit, not only by score.
💡
Pour le dirigeant : a CVE is a published software vulnerability. Without a patch, an attacker can take control of a device. The portal tells you precisely which machines and which update to apply — without needing an expert every time.
04 — Compliance & SCA

10+ frameworks, one score per framework

The SCA (Security Configuration Assessment) module audits the security configuration of each device. Score in %, finding by finding, remediation guide included.

Ce que vous faites
  • Menu Compliance
  • Sélectionnez un référentiel pour le détail check par check
  • Launch a manual scan on a device or the entire fleet
  • Export results for audit or insurance
Ce que le système fait
  • Runs automatic scans every night, staggered over 4 h to spread the load — no midnight spike even at 5000 agents
  • Mappe sur CIS, RGPD, NIS2, ISO 27001, PCI DSS, HIPAA, NIST, SOC 2, CMMC
  • Calculates the score in % per framework and per device
  • Aggregates for a global view of the fleet
  • Provides the corrective measure for each gap

Frameworks detected automatically

ℹ️
Scores are calculated from tags de conformité natifs of the Cybelia Cloud Security detection engine. Only frameworks present in the agents' data are displayed — others are hidden.
RéférentielTargetPérimètreObligation EU
CIS BenchmarksIT Director / CISODurcissement OS — Windows, Linux, macOSRéférence sectorielle
RGPD / GDPRDPO / ExecutiveMesures techniques — données personnellesOui — fines up to 4 % of revenue (data-protection authority)
NIS2CISO / IT DirectorEU directive on network and information system securityOui — transposition European obligatoire
PCI DSS v3.2.1 / v4.0IT DirectorSecurity des environnements carte bancaireContractuel si traitement CB
HIPAAIT DirectorDonnées de santé (US et international)Si partenaires US/santé
NIST SP 800-53CISOContrôles de sécurité — référence internationaleBase de nombreux référentiels
ISO 27001:2013CISO / AuditeurSystème de management de la sécurité de l'informationCertification volontaire UE
CMMC v2.0IT DirectorSous-traitants US DoDSi contrats défense US
SOC 2 / TSCIT Director / AuditeurSecurity, dispo, confidentialité SaaSCertification volontaire
GPG 13CISOMonitoring — UK NCSCRéférence UK / MSP
💡
Pour le dirigeant : a GDPR score at 60 % means 40 % of required technical measures are not in place. In a data-protection authority audit or breach, this report is enforceable proof of due diligence.
05 — Playbooks automatisés

Playbooks that run themselves, 24/7

A playbook = a trigger + a series of actions. Configured once, applied every time the condition is met.

Ce que vous faites
  • Créez un playbook depuis le menu Playbooks
  • Choose the trigger: alert type, criticality, device, rule
  • Enchaînez les actions : isolation, notification, blocage IP, ticket
  • Testez en mode simulation avant activation
  • Consultez l'historique d'exécution étape par étape
Ce que le système fait
  • Evaluates triggers on each incoming alert
  • Exécute la chaîne d'actions de manière transactionnelle
  • Réessaye les actions ayant échoué (retry exponentiel)
  • Traces each execution in the audit log
  • Stoppe et notifie en cas d'échec critique

Library of pre-configured playbooks (MITRE ATT&CK)

📚
At portal startup, a library of MITRE ATT&CK-aligned playbooks is created automatically (idempotent — re-run without duplicates). You can use them as-is or as a customisation baseline.
06 — Cybele AI & Autonomous Tasks

Cybele — your augmented security analyst

Ask a question in natural language: Cybele analyses alerts, reads logs, proposes a remediation plan. Or launch it in tâche autonome — it works alone on your incident while you do something else.

📸

OCR Logs & incident attachments

The AI digests raw logs, error screenshots, scan reports attached to an incident. Structured extraction of IOCs (indicators of compromise): IPs, hashes, URLs, suspicious behaviour.

  • IA Cybelia Cloud souveraine — hébergée EU, RGPD natif
  • Claude (Anthropic) en option — analyses complexes ou multi-étapes
  • Formats : logs syslog, journaux Windows, PDF de rapport, screenshots
  • Extraction d'IOC structurés réutilisables dans les playbooks
  • Aucune donnée ne quitte votre instance
💡 Exemple : Windows error screenshot attached to an incident — the AI recognises a privilege escalation trace and proposes the associated query in the Sysmon logs.
💬

Cybele — 24/7 SOC analyst

Cybele answers questions in natural language about alerts, agents, CVEs and logs of the current tenant — exclusively. Strict isolation, no data leakage between tenants.

  • "Pourquoi tant de tentatives SSH sur SRV-PROD-01 ?" — analyse contextuelle
  • "Quels postes n'ont pas appliqué la CVE-2025-XXXXX ?" — inventaire ciblé
  • "Le score conformité RGPD a baissé, pourquoi ?" — analyse différentielle
  • Accès en lecture seule aux données du tenant
  • All sessions traced and auditable
💡 Exemple : a CISO asks "summarise the week's critical incidents and propose an action plan" — Cybele delivers a structured note.
🤖

AI Triage Colleague — False positives & learning

An AI agent configured for the SOC that triages incoming alerts, proposes qualification (true positive / false positive / to investigate), and propagates false-positive rules validated by a human analyst. Continuous learning.

  • Automatic triage of alerts by context and history
  • Propagation of validated false-positive rules (a recorded FP no longer needs requalifying)
  • Autonomous execution of hundreds of actions until resolution or ceiling
  • Automatic skip of recommendations matching an already recorded FP
  • Validation humaine obligatoire pour les actions critiques
💡 Exemple : "Triage all SSH brute-force alerts from the last 24 hours and mark as FP those originating from our workshop IP 10.0.0.42." — Executed, controlled, propagated.
🔓 Cloisonnement strict garanti. Cybele only sees the current tenant's data. Recommendations are stored per tenant; a false positive recorded in one tenant doesn't affect any other tenant. All AI actions are logged and auditable.
07 — Rapports PDF

A monthly report, ready to present

On the 1st of each month, a PDF is generated automatically per tenant: security posture, alerts of the month, compliance scores, top 10 CVEs, actions taken. Identifiable format, Cybelia Cloud branding.

Ce que vous faites
  • Download from the menu Rapports
  • Filtrez par mois, par société
  • Request on-the-fly generation for a custom period
  • Forward to your management, provider or auditor
Ce que le système fait
  • Generates the PDF in the background on the 1st of the month (scheduled job)
  • Aggregates: alerts by criticality, top CVEs, compliance scores, active/inactive agents, average MTTR
  • Stores encrypted files on disk, isolated per tenant
  • Notifie par e-mail quand prêt
💡
Pour le dirigeant : this PDF is documented proof of your security posture each month. Useful internally (executive committee, board), externally (clients requiring a supplier audit, cyber insurance, regulator audit).
08 — Security du portail

The portal is itself a security product

2FA, email verification, lockout after failed attempts, JWT RS256, tenant isolation at the database level: portal security is treated as the security of a critical production system.

Authentication & user accounts

  • Mots de passe : bcrypt (hash + sel), jamais stockés en clair.
  • JWT RS256 : tokens signed by RSA private key, verified by public key. No risk of client-side tampering.
  • Vérification e-mail obligatoire on signup: 6-digit code + 3 reminders (D+7, D+14, D+21). Without validation: account suspended.
  • 2FA TOTP obligatoire before the first remote agent: QR code + 10 backup codes. Compatible with all standard authentication apps.
  • Verrouillage après 5 essais : on the 5th failure, the account is locked and the email must be re-verified to unlock it.
  • Rate limiting : 200 requests per minute per IP by default, stricter on authentication routes.

Data isolation

  • tenant_id extracted from the signed JWT — cannot be forged, even by an authenticated user from another tenant.
  • Toutes les requêtes SQL filtrent par tenant_id côté backend (never on the frontend, never relying on the presentation layer).
  • Cybelia Security agents, alerts and incident events are tagged tenant:<id> et filtrés systématiquement.
  • PDF reports, CSV exports, emails are strictly scoped to the tenant.

Network & transport

  • HTTPS uniquement via reverse proxy + Let's Encrypt — TLS 1.2+ avec ciphers modernes.
  • CORS strict : uniquement le domaine officiel du portail.
  • Le frontend ne parle jamais directement to the Cybelia Cloud Security detection engine — everything goes through the backend which holds the secrets.
  • Connexion agent : outbound encrypted WebSocket (WSS) only. The agent receives no inbound connection — no open port on supervised machines.
🛡️
Pour le DPO : sovereign EU hosting, native GDPR, strict isolation by cryptographically signed tenant_id, full logging of access and actions, right to erasure supported by documented technical procedure.
09 — Multi-organisations

Native multi-tenant architecture

A superadmin manages N tenants. Each tenant can manage N companies (group entities). Cloisonnement strict en base de données, pas par convention applicative.

🏢
Cas d'usage MSP : a Managed Security Provider supervises 50 SMEs — each sees its own space, its alerts, its reports, without knowing anything about the 49 others. The MSP sees everything in superadmin mode. Architecture designed for resellers and outsourcers.

Resellers & sales management

  • Mode distributeur : a reseller can be assigned to several tenants for commercial pooling.
  • Crédits agents : each reseller has a quota of Cybelia Security agents free, sold or in demo.
  • Commissions : automatically traced in a dedicated table for reporting and reversal.
  • Facturation intégrée : payment gateway and native integration with Cybelia Cloud invoicing — unified accounting, no double entry.
💡
Pour le MSP : you invoice your clients from your Cybelia Cloud instance, you track your commissions automatically, you manage your 50 SMEs from one screen. Cybersecurity becomes a packaged, profitable offering with no operational complexity.
10 — Deployment de l'agent

A unified installer — Linux, macOS, Windows

A single script. Automatic OS detection, dependency installation, service configuration, connectivity validation with the portal. Graphical mode if a screen is available, otherwise command-line menu.

🐧Linux
Service systemd · binaires Ubuntu, Debian, RHEL.
Config : /etc/cybelia-agent/
Logs : journalctl -u cybelia-agent -f
🍎macOS
Daemon launchd · Intel et Apple Silicon.
Config : /Library/Application Support/Cybelia/
Logs : /var/log/cybelia-agent.log
🪟Windows
Service Windows natif · Windows 10/11/Server.
Config : C:\ProgramData\CybeliaAgent\
Logs : Event Viewer + agent.log
Ce que vous faites
  • Download the installer matching your OS from the portal
  • Launch it — the GUI opens (or CLI menu on a headless server)
  • Cliquez sur Installer, collez le token d'enrôlement
  • Le test de connectivité est automatique en fin d'installation
  • Pour désinstaller : même installeur, bouton Désinstaller (purge)
Ce que le système fait
  • Détecte l'OS, installe les dépendances nécessaires
  • Copies the runtime, writes the configuration with restricted ACLs
  • Crée et démarre le service système (systemd / launchd / service Windows)
  • Test : DNS + TCP + TLS + handshake WebSocket avec le token
  • En désinstallation : purge complète (service, fichiers, logs, config)
⚙️Mode non-interactif (déploiement de masse)
# Installation silencieuse
./cybelia-agent-installer --install --token AGENT_TOKEN --portal https://security.cybelia.cloud

# Désinstallation purge
sudo ./cybelia-agent-installer --uninstall

# Test de connectivité seulement
./cybelia-agent-installer --validate --portal https://security.cybelia.cloud
Allowlist de commandes : only commands from the families shell, sysinfo, services, logs, ping, resize are accepted by the agent. Any other command is rejected. 30-second timeout per command. Pas de RCE arbitraire possible depuis le portail.
11 — Cluster & scalabilité

From pilot to 5000+ agent deployment

The portal starts on a single node and switches to master/worker cluster mode as soon as load requires it. Real-time indicator for the superadmin, worker addition in one command.

Ce que le superadmin fait
  • Surveille l'onglet Cluster dans Admin
  • When the composite score exceeds 90 %, provide the IP of a new Ubuntu VM
  • Lance ./deploy_worker.sh <ip> <name>
  • The worker appears in the node list in under 60 seconds
Ce que le système fait
  • Calcule un score composite = max(CPU %, RAM %, file d'analyse %, disque %)
  • Niveaux : OK < 70 % Attention 70-90 % Critique ≥ 90 %
  • 15-second frontend polling, metrics computed on demand on the backend
  • Les scans SCA nocturnes sont échelonnés sur 4 heures via assignation déterministe par hash(agent_id) — pas de pic à minuit
  • The worker deployment script installs the Cybelia Cloud Security detection engine, configures the cluster and automatically verifies correct enrolment
📈
Capacité testée : 1 master Ubuntu 22.04 avec 8 vCPU et 16 Go de RAM supporte environ 2500 agents actifs. Beyond that, add a worker via a script. Capacity is linear with the number of workers — tested on 5000+ agent deployments.
12 — Rôles & Droits

4 access levels, backend-verified

Restrictions are applied côté serveur, pas seulement visuellement côté interface. Le tenant_id of the signed JWT conditions every SQL query — impossible to bypass.

Fonctionnalité Viewer Admin tenant Admin société Superadmin
Tableau de bord, alertes, agents
Télécharger rapports PDF
Using Cybele & AI tasks
Marquer alerte en faux positif
Déclencher un playbookLimité
Create / modify playbooks
Manage tenant users
Configurer les notifications
Activer la 2FA TOTP
Accès onglet Cluster
Gérer tous les tenants
Configuration SMTP & système globale
🔐
Garantie d'isolation : le tenant_id est extrait du token JWT signé RS256. Il est impossible, even by tampering with URL parameters or HTTP headers, to access another organisation's data with a valid token from another tenant — the SQL query filters mandatorily on the backend before any read.
Public concerné

Six profiles, one platform

From IT Director to DPO through CISO, auditor, MSP and executive — each role has views and rights tailored to its responsibilities.

IT Director

IT Director / IT Manager

Consolidated view of the fleet, CVE vulnerability tracking, agent deployment, cluster, technical KPIs.

DPO

DPO & Compliance

GDPR, NIS2, ISO 27001 scores per framework. Monthly PDF report usable as proof of regulator due diligence.

RS

CISO

Real-time alerts, MITRE ATT&CK playbooks, compliance scoring, risk analysis.

MSP

MSP / Reseller

Multi-tenant superadmin mode: supervision of N SMEs from a single portal, agent credits, native billing.

DG

Executive

Mainstream monthly PDF report, "For the executive" callouts, overview without technical jargon.

AU

External auditor

CSV compliance exports, full timestamped history, exportable scores by framework.

Proprietary cloud SIEM, open-source stack to integrate or Cybelia Cloud Security — which model to choose?

Three ways to cover the cybersecurity of an SME, a group or an MSP fleet — three budgets, three effort levels, three levels of sovereignty.

SIEM cloud propriétaire étranger vs Open-source stack to integrate yourself vs Cybelia Cloud Security
Hébergement hors EU — données potentiellement soumises au Cloud Act ou équivalent ~Hosting at your expense — security, updates, compliance to organise Hébergement souverain EU, RGPD natif, isolation tenant_id signé cryptographiquement
Per-event, per-gigabyte ingested, per-user billing — unpredictable and growing cost ~Open source = "gratuit" mais coût caché en intégration et maintenance Abonnement Cybelia Cloud par agent — coût maîtrisé, sans surprise
Multi-tenant en option payante ou inexistant — un SIEM par client pour un MSP ~Multi-tenant to develop or patch yourself — risk of cross-client leak Multi-tenant natif : un MSP supervise 50 SME depuis un seul portail, cloisonnement garanti
IA / analyste virtuel : module premium, parfois facturé à l'API call ~AI to integrate yourself — investment and skills required Cybele incluse : OCR logs, analyste SOC 24h/24, triage IA des faux positifs
PDF reports as paid option, often rigid and not customisable ~Reports to design and generate yourself Rapport PDF mensuel automatique par tenant — preuve de diligence opposable
Agents par OS facturés séparément (parfois licence Linux vs Windows distinctes) ~Open-source agents to compile/maintain for each OS Agent unifié Linux / macOS / Windows — un seul installeur, un seul tarif
Limited compliance frameworks (often CIS + one or two others) ~To map and maintain yourself against regulatory changes 10+ frameworks covered (CIS, GDPR, NIS2, ISO 27001, PCI DSS, HIPAA, NIST, SOC 2, CMMC, GPG 13)
Support en anglais, fuseaux horaires défavorables, escalade complexe ~Support communautaire — variable selon le projet Support francophone, fuseau EU, escalade directe à l'équipe Cybelia Cloud
Le choix Cybelia Cloud Security : the same rigour as a commercial SIEM (multi-tenant, AI, reports, broad compliance), with the sovereignty of an EU solution hosted in the EU. No dependency on a foreign cloud, no data leaving the territory. Designed from the start for European SMEs, groups and MSPs — not a US product marginally adapted to the European market.

FAQs

Questions from IT directors, DPOs, CISOs and MSPs before switching to Cybelia Cloud Security.

Trois différences fondamentales. Hébergement souverain in the EU — your data never leaves the territory, no exposure to the Cloud Act or equivalent. Multi-tenant natif avec isolation par tenant_id signé cryptographiquement — un MSP supervise 50 SME depuis un seul portail. IA intégrée sans coût additionnel — Cybele (24/7 SOC analyst, log OCR, AI false-positive triage) is included, not a premium option billed by usage. Plus multilingual support and predictable per-agent billing instead of the "per-event or per-gigabyte ingested" model.

Cybele accède en lecture seule to the alerts, agents, CVEs and logs of the current tenant — exclusively. Strict isolation guaranteed by the same multi-tenant architecture as the rest of the portal: a false positive recorded in one tenant doesn't affect any other tenant, a recommendation never propagates across clients. All AI actions are logged and auditable in the event log. You can choose between theIA Cybelia Cloud souveraine (hébergée EU) par défaut, ou Claude (Anthropic) en option pour les analyses complexes.

Une instance master sur Ubuntu 22.04 (8 vCPU, 16 Go RAM) supporte environ 2500 agents actifs. Au-delà, ajout d'un worker en un script — la capacité est linéaire avec le nombre de workers. Architecture tested on 5000+ agent deployments. The composite score (max CPU/RAM/analysis queue/disk) is shown in real time to the superadmin with three alert levels (green < 70 %, yellow 70-90 %, red ≥ 90 %). Nightly SCA scans are staggered over 4 hours via deterministic hash — no spike at midnight even at 5000 agents.

Un installeur unifié pour Linux (systemd), macOS (launchd) et Windows (service natif). Download from the portal, launch, paste the enrolment token — the GUI does the rest (or CLI menu on a headless server). Automatic connectivity test at end of install (DNS + TCP + TLS + WebSocket handshake). For mass deployment, non-interactive mode via script (--install --token AGENT_TOKEN) integrable into GPO, Ansible, Puppet, MDM or any other deployment tool. Full purge uninstall available.

Strict isolation guaranteed at the database level, not by application convention. The tenant_id est extrait du JWT signé RS256 (clé privée RSA, vérification par clé publique). Il est impossible, even by tampering with URL parameters or HTTP headers, to access another organisation's data with a valid token. All SQL queries filter by tenant_id on the backend (never on the frontend). Agents, alerts, PDF reports, CSV exports and emails are strictly scoped to the tenant. For an MSP: its 50 SME clients don't see each other, the MSP sees everything in superadmin mode.

The NIS2 directive (transposed into EU national law) requires essential and important entities to implement technical measures for cyber risk management, incident detection, and authority notification. Cybelia Cloud Security addresses several key requirements: scoring NIS2 automatique par équipement et par référentiel, détection d'incidents 24h/24 avec délai < 60 secondes, rapports PDF mensuels opposables à l'audit, playbooks MITRE ATT&CK for incident response, full logging of access and actions. The monthly report constitutes proof of due diligence in case of audit or incident.

Distinguer l'installation technique of the portal and the first agent (fast via playbook) of the mise en exploitation effective across the entire fleet. The rollout phase includes: configuring tenants and companies, deploying the agent on all workstations/servers via GPO or orchestration tool, configuring playbooks adapted to your use cases, setting up notifications, training the IT / CISO / DPO teams. This phase runs over quelques semaines depending on fleet size and organisational complexity. The Cybelia Cloud team supports you with a pilot on a subset of the fleet before generalisation.

Your data belongs to you. Full export available at any time in CSV / JSON format: historical alerts, compliance scores, inventory of agents and vulnerabilities, full timestamped audit log, archived monthly PDF reports. Procedure for droit à l'effacement GDPR documented technically. If you cancel your subscription, you recover all your data in a reusable format. Cybelia Cloud commits contractually to portability — no "proprietary lock-in" effect.

Deploying Cybelia Cloud Security across your fleet

The Cybelia Cloud team supports deployment: portal installation, configuration of tenants and companies, agent deployment on a pilot subset before generalisation. Designed for European SMEs, groups and MSPs.

Request a demo Parler à un expert cybersécurité
Cybelia Cloud Security

Portail de supervision cybersécurité multi-tenant — v1.1 — Mai 2026

Hébergé en EU · RGPD natif · Support francophone · Conforme NIS2, ISO 27001, CIS, PCI DSS

© Cybelia Cloud — Tous droits réservés

CRM & ERP | WMS & TMS
⚠ Full article available in French only — translation in progress.