Gyala Agger is a cybersecurity platform designed for IT/OT/IoT environments, providing automated detection and reaction capabilities at the individual endpoint level. Built on AI algorithms originally developed for military applications, the platform targets cyber resilience for critical infrastructure operating 24/7. Key functional modules include: - **Discovery**: Active and passive network discovery for IT and OT devices - **Risk Management**: Mapping relationships between devices and services, with incident impact evaluation - **Network Detection**: Application-layer content analysis, behavioral modeling, and incident blocking - **Anomaly Detection**: Behavioral analysis of IoT and OT devices based on operational states - **Endpoint Detection**: Behavioral analysis of running processes across IT, OT, and network endpoints - **Threat Analysis**: Global threat intelligence correlation across IT, OT, and network events - **Reaction**: Automated responses via preconfigured playbooks or custom per-endpoint rules, with 0-second reaction time - **Incident Management**: Unified interface for managing IT and OT incidents with historical correlation - **Log Collection**: Platform log analysis, third-party log ingestion, and correlation Agger supports deployment in cloud, on-premises, and air-gapped (segregated) network environments. It supports legacy operating systems and allows detection and reaction rules to be customized down to the individual agent/endpoint level. The platform aligns with compliance frameworks including NIS2, DORA, AGID, MITRE ATT&CK, IEC 62443, and the NIST Cybersecurity Framework.