• متوافق مع ISO 27001
  • متوافق مع GDPR
  • اتفاقية توفر 99.9%
  • تشفير AES 256 بت
  • إقامة بيانات متعددة المناطق
Axix Technologies

[COMING_SOON_ARABIC] المحتوى العربي لهذه الصفحة قيد التوطين. يُعرض المحتوى الإنجليزي أدناه.

🐉 Axix Technologies · Sovereign Cyber Defense Platform

Autonomous Defense for
Converged IT, OT
& IIoT Environments

CyberDragon correlates telemetry from enterprise IT and industrial OT into a single autonomous detection-to-response loop — with hybrid post-quantum identity, OT safety guardrails, and multi-tenant MSSP architecture built in from day one.

PQC
Post-quantum identity live
47
Microservice stack
15K+
Live IOCs in real-time
4
Compliance frameworks built in
Kill-Chain Correlator
Live APT detection · IT + OT fused
ReconDetected
Lateral MoveBlocked
OT ProtocolCorrelated
ResponseAutomated
ML-DSA-65 + Ed25519 Hybrid PQC
Modbus TCP & DNP3 Native Parsing
Multi-Tenant MSSP Architecture
IEC 62443 · NIST CSF · NERC CIP
Air-Gapped Deployment Ready
Analyst Copilot & SOAR
Deployed across critical infrastructure, energy, defense & industrial enterprises
Maple Leaf Cement
Huawei Middle East
Maple Leaf Cement
Huawei Middle East
How It Works
From Raw Telemetry
to Closed Kill-Chain
A fully autonomous pipeline — ingesting OT packets and IT logs, correlating threat chain stages, enriching with threat intelligence, and enforcing OT-safe automated response.
1
Edge Passive Collection
CyberDragon Edge captures Modbus TCP, DNP3, and OPC-UA traffic at the plant — zero footprint, no agent on PLCs or RTUs. Events buffer offline and replay on reconnect.
2
TI Fusion & Normalize
Every event passes through 15,000+ live IOCs (Abuse.ch, OTX, GreyNoise) and MITRE ATT&CK / ICS ATT&CK stage mapping — in-flight, before detection runs.
3
Kill-Chain Correlation
Cascading window correlator (W15 → W60 → W24) reconstructs multi-stage campaigns including IT→OT pivots. One incident, not a thousand noise alerts.
4
OT-Safe Response & SOAR
Temporal orchestrates approval-gated playbooks. OPA independently evaluates every action against OT safety guardrails. Analyst Copilot guides remediation with full threat chain context.
Platform Capabilities
13 Built-In Capabilities.
Zero Bolt-Ons.
Every module shares the same tenant boundary, asset inventory, evidence vault, and risk scoring — not a patchwork of integrations.
Autonomous Threat Chain Detection
Cascading W15/W60/W24 correlation across MITRE ATT&CK + ICS ATT&CK stages. Surfaces IT→OT pivots. Neo4j risk correlation graph in Analyst Copilot UI.
MITRE ATT&CKICS ATT&CKNeo4j
Hybrid Post-Quantum Identity
ML-DSA-65 + Ed25519 hybrid JWTs on every login, API call, and Edge→Core transport. Vault-backed signing. 7-tier RBAC via OPA. Live today, not roadmap.
ML-DSA-65Ed25519NIST FIPS 204
OT Safety Guardrails
OPA independently evaluates every automated action against asset-type allowlists, dual-approval gates, and maintenance windows — even if a human already clicked approve.
OPADual-ApprovalPLC/HMI/RTU
Multi-Tenant MSSP Architecture
PostgreSQL row-level security — cross-tenant leakage is structurally impossible. MSSP Operator portal for portfolio-wide visibility, per-tenant IEC 62443 compliance tracking.
RLS IsolationMSSP PortalZero Leakage
Threat Intelligence Fusion
15,000+ live IOCs enriching every event in-flight: Abuse.ch (10K+), MITRE TAXII, AlienVault OTX, GreyNoise internet noise filtering, and control-validation workflow integration.
Abuse.chOTXGreyNoise
OT Protocol-Native Edge
Passive Scapy/libpcap on SPAN port — zero active footprint. Native Modbus TCP + DNP3 parsing. 5,000-event SQLite offline buffer with auto store-and-forward.
Modbus TCPDNP3OPC-UA
SOC Analyst Copilot
Unified incident queue, MITRE ATT&CK timeline, Neo4j risk correlation graph, note-taking, playbook execution with Temporal approval gates, and evidence trail — all in one UI.
TemporalSOARPlaybooks
Tamper-Evident Evidence Vault
SHA hash-chained audit trail per tenant. Every incident, playbook, compliance mapping, and guardrail denial is cryptographically linked. On-demand verify API for auditors.
Hash ChainMinIOAudit-Ready
Risk Scoring & FAIR Matrix
Continuous per-asset and per-tenant FAIR-inspired risk scoring updated via Kafka delta events. MITRE technique breakdown. Asset Risk Map heatmap in Analyst Copilot.
FAIRKafkaReal-Time
Compliance Framework Management
IEC 62443-3-3, NIST CSF 2.0, ISO 27001:2022, NERC CIP — per-control evidence mapping, gap analysis, and audit-ready PDF export. Not event tagging.
IEC 62443NERC CIPNIST CSF
Executive & Auditor Reporting
Template-driven PDFs in seconds: Board Summary, CISO Monthly, Auditor Packet, Gap Analysis. Live platform data — threat chain stages, MTTD, compliance posture. MinIO-archived.
Board SummaryPDFMTTD
Analyst Copilot & SOAR
LLM-guided incident triage, threat chain visualization, and approval-gated response playbooks. OPA guardrails enforce OT safety on every automated action before execution.
LLM CopilotTemporal SOAROPA Guardrails
Full-Stack Observability
Prometheus + Grafana across all 47 services. Custom cd_ metrics. Alertmanager rules for Kafka consumer lag, service health, and error rate thresholds. Platform Health dashboard.
PrometheusGrafanaAlertmanager
Deployment Options
Your Data. Your Rules.
Your Deployment.
CyberDragon deploys across four models — from Axix-hosted SaaS to fully air-gapped classified networks. Same platform, same capabilities, every model.
Best for: Mid-Market & MSSPs
SaaS — Axix Hosted
CyberDragon Core runs in Axix's managed multi-tenant cloud. Tenant provisioned in days. Edge collectors deploy on-site and connect over PQC-secured transport. No infrastructure procurement needed.
Best for: Regulated Industries & Banking
Private Cloud — Customer VPC
Single-tenant Core in your AWS, Azure, GCP, or sovereign cloud VPC — managed by Axix. Your data never shares infrastructure with other customers. Contractual data residency without on-premises hardware.
Best for: National Utilities & Defense Contractors
On-Premises — Customer Data Center
Full CyberDragon Core stack in your data center. All telemetry, evidence, and audit records remain within your physical boundary. Edge collectors connect over PQC-secured transport — data never leaves your network.
Best for: Classified Networks & Nuclear Facilities
Air-Gapped — No External Connectivity
Pre-built container image bundles + offline threat-intelligence feed packages. Edge collectors buffer events locally and sync during controlled transfer windows. Zero outbound internet required for any Core or Edge operation.
Platform Comparison
CyberDragon vs Generic SIEMs
& OT Monitoring Tools
Most platforms treat OT as an afterthought. CyberDragon was architected OT-native from the first commit.
CapabilityCyberDragonGeneric SIEMOT Monitor Only
Native OT protocol parsing (Modbus, DNP3) Passive Edge
Hybrid post-quantum identity (ML-DSA-65) Live today
Kill-chain correlation (MITRE ATT&CK + ICS) Cascading W15/W60/W24 Partial
OT safety guardrails on automated response OPA enforced
Multi-tenant MSSP architecture (DB-level RLS) PostgreSQL RLS Logical only
Tamper-evident hash-chained evidence vault SHA chain per tenant Log retention only
Unified IT/OT risk & compliance dashboard Single platform IT-focused OT-only scope
Air-gapped deployment (no internet required) Partial
Built-in compliance frameworks (IEC 62443, NERC CIP) Per-control evidence mapping Rules only
FAIR risk scoring with Kafka real-time delta
Compliance
Four Frameworks.
Per-Control Evidence Mapping.
Compliance is an operational outcome, not a checkbox. CyberDragon maps platform-generated evidence — incidents, audit trail, playbook executions, guardrail evaluations — directly to specific control requirements.
IEC 62443-3-3
System security requirements & security levels for industrial automation and control systems. SR1.1 through SR7.x control families.
NIST CSF 2.0
Identify, Protect, Detect, Respond, Recover functions for enterprise and converged IT/OT environments.
ISO/IEC 27001:2022
Information security management system controls and Annex A requirements with cryptographic chain-of-custody.
NERC CIP
Bulk electric system cyber security requirements. Gap analysis identifies unmet controls with remediation workflows.
Why CyberDragon
Built OT-Native.
Not Retrofitted.
Every design decision was made for Purdue-segmented environments where a misconfigured automated response can trip a safety instrumented system.
Post-Quantum Identity — Today
RSA and ECDSA tokens will not withstand a cryptographically relevant quantum adversary. Every CyberDragon session is signed with ML-DSA-65 + Ed25519 hybrid JWTs, Vault-backed and verifiable now — not promised in a future release.
Kill-Chains, Not Alert Floods
Individual signature matches on Modbus function codes produce hundreds of disconnected alerts. CyberDragon's cascading correlator (W15→W60→W24) reconstructs multi-stage campaigns into one incident with IT→OT pivot context.
OPA Guardrails Independent of Approval
Unconstrained SOAR playbooks that push config changes to PLCs have caused real production outages. CyberDragon's OPA policy engine evaluates every automated action against OT safety rules independently — even after human approval.
MSSP-Native at Database Level
Single-org SIEMs force MSSPs to deploy separate instances per customer. CyberDragon implements full PostgreSQL row-level security tenant isolation — verified zero cross-tenant data leakage in regression testing.
Proof of Integrity, Not Just Existence
Standard audit logs can be altered by anyone with database admin access. CyberDragon's hash-chained evidence vault cryptographically links every entry to its predecessor — with on-demand chain verification for auditor handoff.
Detection + Validation in One Platform
Organizations run annual assessments with findings in spreadsheets while their SIEM generates unrelated alerts year-round. CyberDragon unifies detection, risk scoring, and compliance evidence in one FAIR-aligned platform and vault.
Customer Stories
Trusted by Security Teams
Who Cannot Afford Downtime
From tier-1 energy utilities to MSSP operators managing multi-industrial portfolios.
★★★★★

We evaluated three SIEM vendors and two OT-specific platforms before selecting CyberDragon. The difference was immediate: our first OT anomaly scenario was correlated into a six-stage threat chain incident in under fifteen seconds, with MITRE ICS techniques mapped on the timeline. The OPA guardrails gave our plant managers confidence that automated response would never touch a PLC without policy approval — that was the decision point for our board.

CISO — Tier-1 Energy Utility
Oil & Gas · On-Premises Deployment
★★★★★

Passive Edge collection was non-negotiable for us — we cannot install agents on safety instrumented systems. CyberDragon Edge deployed in two days across three substations with zero network impact. When we lost WAN connectivity during a maintenance window, the SQLite buffer held five thousand events and replayed automatically. Our OT team finally has visibility without compromising safety.

OT/ICS Security Lead — Regional Electric Utility
Critical Infrastructure · SaaS Deployment
★★★★★

Managing twelve industrial clients on separate SIEM instances was unsustainable. CyberDragon's MSSP portal gives us cross-tenant incident visibility with database-level isolation we can demonstrate to auditors. Per-tenant compliance tracking against IEC 62443 means we deliver audit-ready reports without manual spreadsheet work. Our analysts handle three times the client portfolio with the same headcount.

Director of Security Operations — Managed Security Service Provider
MSSP · Multi-Tenant SaaS
★★★★★

Our compliance team used to spend weeks assembling IEC 62443 evidence from three different tools. CyberDragon links every incident artifact to specific control IDs in the hash-chained vault — auditors get a verified chain export in minutes, not months. Detection, risk, and compliance finally share one source of truth.

Compliance Director — Industrial Software Manufacturer
Manufacturing · Private Cloud
Pricing

Hybrid Asset-Based Pricing for Every
IT/OT Deployment

CyberDragon charges on value delivered: base platform fee + per-asset usage + low-cost Edge collectors to maximize telemetry coverage and reduce network blind spots.

Cancel anytime · ISA-62443-aligned · Save 17% on annual billing

Free Trial
7 days · Full network discovery · No credit card
$0 USD/month

7-day trial window · 1 Edge collector included · Credentials emailed instantly

  • Full network discovery and asset inventory scan
  • Asset discovery report — see exactly how many assets are on your network and what your plan would cost
  • Basic passive collection only (Modbus TCP, DNP3)
  • 1 Edge collector included
Start Free Trial →

Cancel anytime · Cancellation policy

Standard
Threat detection · For single-facility deployments
$980 USD/month

Base platform fee billed monthly (USD)

Usage limits

  • Included25 assets + 2 Edge collectors
  • Additional assets$12 USD/asset/month
  • Additional Edge collectors$12 USD/month each
  • Billing modelBase platform + usage overages
  • Full CyberDragon Core platform (threat chain correlator, TI fusion, compliance mapping)
  • Passive OT protocol parsing (Modbus TCP, DNP3)
  • Essential module: Passive Discovery + Basic Events
  • Advanced module: Threat Hunting + Vulnerability Management
  • 4 compliance frameworks (IEC 62443-3-3, NIST CSF 2.0, ISO 27001:2022, NERC CIP)
  • Email support

Cancel anytime · Cancellation policy

VisaMastercardAmexPayPal
Most Popular
Premium
Advanced & managed · For multi-facility / MSSP operations
$1,980 USD/month

Base platform fee billed monthly (USD)

Usage limits

  • Included100 assets + 5 Edge collectors
  • Additional assets$36 USD/asset/month
  • Additional Edge collectors$12 USD/month each
  • Billing modelBase platform + usage overages
  • Everything in Standard
  • Premium module: AI-based Anomaly Detection + Incident Response Playbooks
  • MSSP multi-tenant portal (PostgreSQL row-level tenant isolation, cross-tenant portfolio dashboard)
  • Post-quantum hybrid identity (ML-DSA-65 + Ed25519) — live today, not roadmap
  • Tamper-evident evidence vault (hash-chained audit trail)
  • Axix 24/7 SOC support
  • Advanced compliance reporting (per-control evidence mapping, audit-ready export)

Cancel anytime · Cancellation policy

VisaMastercardAmexPayPal

What This Looks Like in Practice

A 300-asset industrial facility with 5 Edge collectors:

StandardPremium
Platform fee$11,760/yr$23,760/yr
Asset overage275 × $144/yr = $39,600200 × $432/yr = $86,400
Edge collector overage3 × $144/yr = $432Included (5 collectors covered)
Total/year~$51,792~$110,160
Estimate your cost →

Enterprise OT Security, Priced on Value Delivered — Not Just Hardware

Same category, transparent economics. See how CyberDragon's asset-based pricing compares to platforms using per-site or opaque enterprise pricing.

MetricCyberDragonDragosClarotyMS Defender for IoT
Charging basisPer protected asset + platform feePer site / SiteStorePer protected asset + modulesPer site or per device
Entry price$980/mo (Standard)~$10,000/yr entry tierFrom ~$150,000/yr$70–$400+/site/mo
300-asset example (annualized)~$51,792–$110,160/yrNot publicly disclosed at this scale$150K–$1M+/yrRequires M365 E5 / Defender P2
Native OT protocol parsingPartial
Post-quantum identity (ML-DSA-65) Live today
Air-gapped, no outbound internetPartialPartial
MSSP multi-tenant portalBuilt-inPartner programPartner programLimited
Deployment modelSaaS, Private Cloud, or Air-GapOn-prem / hybridOn-prem / hybrid / cloudCloud-tethered only

*Competitor pricing based on publicly available vendor data and third-party review platforms as of July 2026. Dragos and Claroty do not publish per-asset rates; figures reflect industry-general estimates and typical published entry tiers. Actual enterprise contract pricing varies by deployment size and is individually negotiated.*

Pricing FAQ

Your subscription begins automatically at the plan rate you selected unless you cancel before the trial ends. You will receive email reminders before billing starts. Cancel anytime from your tenant admin portal with no penalty on self-serve plans.

CyberDragon uses hybrid asset-based pricing: a platform fee plus low-cost per-asset and per-Edge-collector overages. Standard starts at $980/mo (includes 25 assets + 2 collectors). A 300-asset facility with 5 collectors runs about $51,792–$110,160/yr depending on plan — transparent economics vs opaque enterprise OT contracts.

Yes. Add protected assets or Edge collectors anytime from your account portal. Standard overages are $12/asset/mo and $12/collector/mo; Premium is $36/asset/mo and $12/collector/mo beyond included limits.

Free Trial and Standard have no setup fee. Premium includes advanced compliance reporting and Axix 24/7 SOC support. Deployments above self-serve limits are quoted through sales.

We accept Visa, Mastercard, American Express, and PayPal on self-serve plans. Platform fees bill monthly; asset and collector overages follow your selected billing cycle. Cancel anytime before your next billing cycle.

Yes. Annual platform billing saves 17% — Standard $9,780/yr and Premium $19,740/yr versus paying monthly platform fees.

Need more than 50 Edge collectors? Talk to Sales →

Talk to a SaaS Expert →

Contact Sales

Talk to Our Security Team

Enterprise deployments, MSSP partnerships, and OT environments above self-serve limits — submit the form and our team will follow up from HubSpot.

FAQ
Questions Security Leaders Ask

A traditional SIEM aggregates logs and applies correlation rules — often producing high alert volume with limited OT context. CyberDragon is a converged IT/OT/IoT defense platform: passive Edge collectors parse industrial protocols natively, a threat chain correlator reconstructs multi-stage campaigns across cascading time windows, TI fusion enriches every event in-flight, and OPA guardrails constrain automated response for OT safety. It is designed for Purdue-segmented environments, not retrofitted from enterprise log management.

No. CyberDragon Edge operates as a passive collector using Scapy/libpcap packet capture on a SPAN/mirror port or network tap. It does not install software on PLCs, HMIs, RTUs, or safety instrumented systems. Edge parses Modbus TCP, DNP3, and OPC-UA from captured traffic and forwards normalized events to Core. This passive-first design is a core architectural principle.

CyberDragon supports fully air-gapped deployment via pre-built container image bundles and offline threat-intelligence feed packages. Edge collectors buffer events in a local SQLite queue (5,000-event capacity) and synchronize with Core during controlled transfer windows. No outbound internet connectivity is required for detection, response, compliance, or evidence vault operation.

It means your authentication tokens are signed with both classical (Ed25519) and post-quantum (ML-DSA-65, NIST FIPS 204 / CRYSTALS-Dilithium) algorithms today — not in a future product release. Every analyst login, API call, and Edge-to-Core transport handshake uses hybrid PQC JWTs with Vault-backed key management. If a cryptographically relevant quantum computer emerges, your identity layer retains a quantum-resistant signature path. No migration project required — it is the default token format.

IEC 62443-3-3, NIST Cybersecurity Framework 2.0, ISO/IEC 27001:2022, and NERC CIP are pre-loaded with per-control evidence mapping, gap analysis, and audit-ready PDF export. Frameworks are installed per tenant via API. Compliance posture is not static tagging — evidence vault entries and incident artifacts are linked to specific control IDs with hash-chained integrity.

Yes. CyberDragon's multi-tenant architecture is MSSP-native: PostgreSQL row-level security enforces tenant isolation at the database level, and the MSSP Operator role provides cross-tenant incident visibility, portfolio health dashboards, and read-only evidence access across managed customers. Your MSSP operates the SOC; you retain tenant-admin control over users, compliance frameworks, and data sovereignty. MSSP operators cannot write evidence cross-tenant — isolation is enforced by policy and tested in regression suites.

Free Trial is $0 for 7 days with 1 Edge collector. Standard is $980/mo platform fee (includes 25 assets + 2 collectors) with $12/asset/mo and $12/collector/mo overages. Premium is $1,980/mo (includes 100 assets + 5 collectors). A 300-asset deployment with 5 collectors runs about $51,792–$110,160/yr. Annual platform billing saves 17%. Online signup supports up to 50 Edge collectors; contact sales for larger deployments.

SaaS tenants are provisioned in days with immediate analyst UI access. A proof-of-value deployment with one Edge collector typically completes within two to four weeks, including passive tap installation, Edge configuration, and Core tenant setup. Full on-premises or air-gapped deployments with multiple Edge sites require four to twelve weeks depending on infrastructure readiness and security review cycles. Contact Axix for deployment SLAs specific to your model.

One Platform.
Every Layer of Your Defense.

When your IT, OT, and IIoT environments share a converged risk surface, you need a defense platform that speaks every protocol, correlates every stage, validates every exposure, and protects every automated action — with cryptography built for the next decade, not the last one.

🐉
CyberDragon Assistant
● Online · Axix Technologies
Hi! I'm the CyberDragon assistant. What can I help you with?
🐉

الأسئلة الشائعة

إجابات سريعة قبل حجز عرض أو جلسة استراتيجية.

ما الذي تقدمه أكسيكس في مجال ICS and OT cybersecurity؟
أكسيكس تكنولوجيز منصة مؤسسية بالذكاء الاصطناعي للنمو والعمليات والحماية — بما في ذلك ICS and OT cybersecurity — مع نشر في باكستان والخليج والمملكة المتحدة وأوروبا وكندا. تواصل معنا عبر صفحة التواصل.
هل يمكن دمج الحل مع أنظمتنا الحالية؟
نعم. واجهات API وتكاملات مع ERP وHRMS والكاميرات والتحكم في الدخول وSIEM حسب نطاق المشروع.
كم يستغرق التنفيذ عادة؟
المواقع التجريبية غالباً من أسبوعين إلى ستة أسابيع حسب الحجم والتكاملات، مع تدريب الفريق ودعم ما بعد الإطلاق.
هل تدعمون العربية والإنجليزية؟
واجهات عربية وإنجليزية متاحة للمشغلين والموظفين والإدارة في نشرات الخليج والشرق الأوسط.
كيف يتم التسعير؟
اشتراكات مؤسسية وتراخيص حسب المواقع والوحدات. تواصل معنا لمقترح مخصص بعد جلسة اكتشاف.
هل البيانات تبقى داخل المنطقة؟
خيارات سحابية وحافة ومحلية تُصمم مع فريقك لتلبية الإقامة والامتثال.
كيف أبدأ؟
احجز عرضاً أو جلسة استراتيجية عبر axixtechnologies.com/contact. تواصل معنا عبر صفحة التواصل.