Expanding Threat Detection from the Network to the Cloud

How CyGlass Secures Microsoft Azure, O365 and AWS Cloud Environments

Are you struggling to extend your cyber defenses to effectively cover cloud and hybrid cloud networks?

The steady move to cloud applications driven by the advent of COVID-19 has forever changed the traditional (WAN/LAN) network, built around data centers, office/facility locations, and the network defense services that protect it.

This rapid cloud migration has created new risks and threats for IT and security managers as they work to protect both their network and cloud environments from a growing number of cyberattacks. Growing risks and threats include:

  • More user, file and device blind spots
  • More attack vectors
  • More tool management complexity

The unique changes required to protect user identities in network and cloud directories, manage cloud service applications, and manage the data moving across the network to private and public cloud instances is complex and requires tools, skills and training that is not widely available to small teams.


NDaaS monitors and protects network and hybrid cloud environments by extending coverage to include M365, AD Azure, and AWS services.  Incorporating activity logs into SaaS AI engine, NDaaS monitors for:

  • Authentication threats including guest user and non-MFA accounts
  • Brute force password attacks
  • Access control threats including change in privilege user accounts
  • File sharing threats including sensitive files moved to public clouds or open sharing folders


CyGlass NDaaS covers multiple attack surfaces from your traditional network to your remote works and to your cloud services. It offers a holistic single view of risks and threats across all of these environments and delivers:

  • Visibility to device, network and user risk
  • Detection and remediation of threats
  • AI, threat intelligence and to a policy rules engine to define and alert to immediate threats as well as support regulatory control standard and control effectiveness reporting.

CyGlass advantages for hybrid cloud environments


M365 User Based Threat Detection

CyGlass NDaaS uniquely detects and surfaces M365 user risk correlated to authentication and access control events allowing incident prioritization and efficient remediation


AI - Based Threat Analytics and Alerts

CyGlass NDaaS includes machine learning models that search out and surface unusual users authentication and access activities, file and folder activities and unusual location events. An integrated AI:

• Unusual Access Time for A User
• Unusual Change in File Activity
• Anonymous File Activity
• Unexpected User Agent for A User


Risks, Threats and Policy Violations in Plain English

CyGlass NDaaS is designed for easy of usability by both IT and security staff. Plain language explanations, integrated definitions, investigation guidance and support mean even junior IT staff can recognize and take action to mitigate events.


Connecting Threat, Risk Level, User & IP

CyGlass NDaaS connects the dots for security analysts trying to understand the context and best remediation path of a risk or threat. A single investigation pain of glass quickly identifies the event, how dangerous the event is, the users involved, their IP addresses and locations.


Fast and Easy to Deploy

NDaaS From CyGlass is up and running in minutes with no additional hardware or software required. It integrates seamlessly with your existing cybersecurity tools and can be entirely managed remotely.

Cloud devices

See how simple it is to protect your organisation

Find out first-hand how CyGlass NDaaS can help your organisation see risks, stop threats and prove compliance.

Get a demo