Overview
CYE AI serves as a multi-functional intelligence layer that transforms complex security data into actionable business outcomes. While it features a natural-language chat interface for exploring risk, its capabilities extend into deep-tissue platform automation. It acts as an automated data analyst for importing findings, a portfolio strategist for managing subsidiaries, and a content creator for generating board-ready presentations. By connecting directly to your live risk models, CYE AI eliminates manual data wrangling and accelerates the path from raw telemetry to strategic mitigation.
Core Capabilities
1. Strategic Chat & Risk Exploration
CYE AI acts as a 24/7 security analyst, supporting complex queries across your entire security environment. Ask natural-language questions about your findings, exposure, etc. It doesn't just retrieve text; it calculates "what-if" scenarios, such as how a $5M budget allocation would affect your overall exposure.
Findings & Prioritization: "What are my top 10 findings?" or "Give me a mitigation recommendation for Finding X."
Exposure & Risk: "Explain why my exposure increased this month" or "What is my exposure per Business Critical Asset?"
Financial Impact: "What is my organization’s Cost of Breach (CoB) and how does it compare to industry benchmarks?"
Maturity: "Where are our biggest maturity gaps compared to our peers?"
Real-Time Use Cases: Use the chat during incidents or tabletop exercises to rapidly query exposure and prioritize response actions without manual reporting.
2. Intelligent Finding Ingestion & Suggestion
The AI automates the heavy lifting of data onboarding. When you upload finding reports (PDF, Excel, CSV) from external scanners or pentests:
Pattern-Based Extraction: It parses unstructured documents to identify candidate findings, eliminating manual data entry.
AI-Driven Auto-Mapping: The agent automatically maps incoming data to NIST, MITRE ATT&CK, and internal finding types.
Contextual Suggestions: For every ingested finding, the AI suggests mitigation steps and estimates business impact based on the specific context of your organization’s assets.
Validation Table: You maintain final authority. Every AI-generated field is marked with a distinct icon, allowing you to review and verify suggestions before they are committed to your live environment.
3. PPTX Generation (Automated Reporting)
Transform complex data analysis into an editable PowerPoint (.pptx) file in seconds.
The Workflow: Finalize your narrative in the chat first (e.g., "Summarize our Q1 risks and the top 3 items for the board"). Once satisfied, ask: "Create a PPTX for the board based on this analysis."
The Output: The AI packages your specific findings, tables, and metrics into a deck that you can download and drop into your corporate template.
4. Writing and Governance Helper
Maintain high standards across your findings catalog by using the AI to:
Refine Descriptions: Rephrase technical jargon into clear, professional language for non-technical stakeholders.
Ensure Consistency: Standardize terminology and mitigation plans across findings from different sources to make your database easier to govern.
5. Group-Level Management Intelligence
For parent organizations, CYE AI acts as a Group-Level Analyst. It can identify the specific drivers of risk across your subsidiaries:
Risk Attribution: Ask which specific subsidiaries contribute the highest percentage to your total global exposure.
Pattern Recognition (Outliers): Spot subsidiaries/portfolios that report high maturity scores but maintain disproportionately high exposure levels.
Targeted Identification: Ask the AI to name subsidiaries falling below industry benchmarks or those with the highest Likelihood of Breach (LoB).
Security and privacy
CYE AI is built with strict data isolation and adheres to industry standards, including GDPR.
Tenant Isolation: Your data remains private and isolated to your specific environment.
AWS Bedrock Environment: CYE AI runs on private LLMs within a secure, managed environment.
Zero Training: Your chat history, transcripts, and uploaded files are not used to train or fine-tune the underlying AI models.
RBAC Integration: Access is governed by your existing Role-Based Access Control settings.
For a deep dive into our security architecture, refer to the ‘CYE — AI Governance Overview’ (Link)
How to Get Started
Locate the Icon: Click the AI icon in the bottom navigation bar of the platform.
Open the Panel: The chat window opens instantly, allowing you to use suggested prompts or type your own.
Run a Scenario: Ask, "How can I reduce my exposure by 5M within my current budget?" to see the AI's reasoning in action.
Known Constraints & Scope
Optimized Analysis: Detailed finding lookups are currently optimized for your top 25 priority findings.
Graph Data: CYE AI does not currently have access to Attack Routes or Graph Data. For route-specific analysis, please use the Graph Mode in the platform.
Trend & Historical Data: CYE AI works with your current-state data. Time-based comparisons such as changes in exposure or maturity over time are not yet supported.
Reports: CYE AI cannot retrieve or reference generated platform reports. To view or export reports, use the Reports section directly.
Technical Assets: CYE AI does not currently have visibility into the technical asset inventory. For asset-level detail, navigate to the Assets page.
Language: CYE AI currently supports English only.
Wrap-up / Next Steps
CYE AI is designed to be an active participant in your workflow, not just a passive search tool. To get started:
Run a Test Query: "Where am I most exposed right now?"
Automate an Ingestion: Use the Intelligent Finding Ingestion to upload your next pentest report.
Generate a Report: Once you've discussed a risk in chat, ask for a PPTX to share it with your team.