Overview
CYE AI serves as a multi-functional intelligence layer that transforms complex security data into actionable business outcomes. While it features a natural-language chat interface for exploring risk, its capabilities extend into deep-tissue platform automation. It acts as an automated data analyst for importing findings, a portfolio strategist for managing subsidiaries, and a content creator for generating board-ready presentations. By connecting directly to your live risk models, CYE AI eliminates manual data wrangling and accelerates the path from raw telemetry to strategic mitigation.
Related Videos
Cye-AI Intro - https://youtu.be/fEgc1qc6Q28
Core Capabilities
Strategic Chat & Risk Exploration
Strategic Chat & Risk Exploration
CYE AI acts as a 24/7 security analyst, supporting complex queries across your entire security environment. Ask natural-language questions about your findings, exposure, etc. It doesn't just retrieve text; it interprets and contextualizes your security data to support real decisions.
Findings & Prioritization: "What are my top 10 findings?" or "Give me a mitigation recommendation for Finding X."
Exposure & Risk: "Explain why my exposure increased this month" or "What is my exposure per Business Critical Asset?"
Financial Impact: "What is my organization’s Cost of Breach (CoB) and how does it compare to industry benchmarks?"
Maturity: "Where are our biggest maturity gaps compared to our peers?"
Technologies & Processes: "What technologies are deployed in my org?"
Real-Time Use Cases: Use the chat during incidents or tabletop exercises to rapidly query exposure and prioritize response actions without manual reporting.
Intelligent Finding Ingestion & Suggestion
Intelligent Finding Ingestion & Suggestion
The AI automates the heavy lifting of data onboarding. When you upload finding reports (PDF, Excel, CSV) from external scanners or pentests:
Pattern-Based Extraction: It parses unstructured documents to identify candidate findings, eliminating manual data entry.
AI-Driven Auto-Mapping: The agent automatically maps incoming data to NIST, MITRE ATT&CK, and internal finding types.
Contextual Suggestions: For every ingested finding, the AI suggests mitigation steps and estimates business impact based on the specific context of your organization’s assets.
Validation Table: You maintain final authority. Every AI-generated field is marked with a distinct icon, allowing you to review and verify suggestions before they are committed to your live environment.
PPTX Generation (Automated Reporting)
PPTX Generation (Automated Reporting)
Transform complex data analysis into an editable PowerPoint (.pptx) file in seconds.
The Workflow: Finalize your narrative in the chat first (e.g., "Summarize our Q1 risks and the top 3 items for the board"). Once satisfied, ask: "Create a PPTX for the board based on this analysis."
The Output: The AI packages your specific findings, tables, and metrics into a deck that you can download and drop into your corporate template.
Related Videos
Cye AI PPT - https://youtu.be/7GBbA6OHMT4
Writing and Governance Helper
Writing and Governance Helper
Maintain high standards across your findings catalog by using the AI to:
Refine Descriptions: Rephrase technical jargon into clear, professional language for non-technical stakeholders.
Ensure Consistency: Standardize terminology and mitigation plans across findings from different sources to make your database easier to govern.
Predictive Simulation (What-If Analysis)
Predictive Simulation (What-If Analysis)
CYE AI simulates hypothetical scenarios so you can weigh a decision before committing budget or effort. Trigger it by stating analytical intent. Ask for a "what-if analysis" rather than a general question, and the agent reasons across your live risk model to project the outcome.
Compare Scenarios: "Run a what-if analysis: how would purchasing [solution] change my maturity?", "What if I allocate $5M to my top findings? What happens to my exposure?" or "What-if analysis of deploying ZTNA in my org vs. using a VPN"
Scope the Simulation: Narrow a scenario to a specific domain, maturity area, or category (for example, response capabilities) to get a focused, comparable result.
Be Specific for Repeatable Results: Clear, intent-driven prompts produce the most consistent outputs. State the scenario and the metric you want to see; broad or ambiguous questions may return partial answers.
Related Videos
Cye AI What-If - https://youtu.be/aLf4YSXeUxM
AI-Generated Mitigation Plans
AI-Generated Mitigation Plans
CYE AI builds a complete, optimized mitigation plan across all your findings, not just a fix for a single one. It works as an optimization engine, favoring the smallest set of actions that deliver the greatest combined reduction in exposure and gain in maturity.
Plan from Your Findings: Lead with your priorities: "Show my top findings, then build a mitigation plan to address them."
Set Explicit Targets: Aim the plan at a goal, such as "Create a plan to improve my maturity to a 3.5 score" and scope it to a specific domain or security framework.
Structured, Prioritized Output: Plans are organized into quick wins, gaps, and phased improvements, with actions prioritized by impact and timeline so you know what to tackle first.
Related Videos
Cye AI Mitigation Maturity - https://youtu.be/mr4VmLYOJNA
Group-Level Management Intelligence
Group-Level Management Intelligence
For parent organizations, CYE AI acts as a Group-Level Analyst. It can identify the specific drivers of risk across your subsidiaries:
Risk Attribution: Ask which specific subsidiaries contribute the highest percentage to your total global exposure.
Pattern Recognition (Outliers): Spot subsidiaries/portfolios that report high maturity scores but maintain disproportionately high exposure levels.
Targeted Identification: Ask the AI to name subsidiaries falling below industry benchmarks or those with the highest Likelihood of Breach (LoB).
How to Get Started
How to Get Started
Locate the Icon: Click the AI icon in the bottom navigation bar of the platform.
Open the Panel: The chat window opens instantly, allowing you to use suggested prompts or type your own.
Run a Scenario: Ask, "How can I reduce my exposure by 5M within my current budget?" to see the AI's reasoning in action.
To provide more context, you can watch a demonstration of these features here: - https://youtu.be/m_nqNn-PGzM
Known Constraints & Scope
Known Constraints & Scope
Optimized Analysis: Detailed finding lookups are currently optimized for your top 25 priority findings.
Graph Data: CYE AI does not currently have access to Attack Routes or Graph Data. For route-specific analysis, please use the Graph Mode in the platform.
Trend & Historical Data: Access up to 2 years of historical data, including Yearly, Quarterly, and Monthly views and comparisons.
Reports: CYE AI cannot retrieve or reference generated platform reports. To view or export reports, use the Reports section directly.
Language: CYE AI currently supports English only.
Indicative Estimates: Cost and impact figures in what-if scenarios are approximations, based on CYE's security expertise and publicly available information rather than vendor-verified pricing. Use them to compare scenarios directionally rather than as exact quotes.
Security and privacy
Security and privacy
CYE AI is built with strict data isolation and adheres to industry standards, including GDPR.
Tenant Isolation: Your data remains private and isolated to your specific environment.
AWS Bedrock Environment: CYE AI runs on private LLMs within a secure, managed environment.
Zero Training: Your chat history, transcripts, and uploaded files are not used to train or fine-tune the underlying AI models.
RBAC Integration: Access is governed by your existing Role-Based Access Control settings.
For a deep dive into our security architecture, refer to the ‘CYE — AI Governance Overview’ (Link)
Wrap-up / Next Steps
Wrap-up / Next Steps
CYE AI is designed to be an active participant in your workflow, not just a passive search tool. To get started:
Run a Test Query: "Where am I most exposed right now?"
Automate an Ingestion: Use the Intelligent Finding Ingestion to upload your next pentest report.
Generate a Report: Once you've discussed a risk in chat, ask for a PPTX to share it with your team.
Build a Mitigation Plan: Once you've reviewed your top findings, ask CYE AI to generate an optimized plan to address them.

