Centeye Security — frequently asked questions

Centeye Security is an AI-native cybersecurity platform for MSPs and small and mid-sized businesses. It monitors seven attack surfaces — email, identity, endpoints, dark web, web, DNS, and AI usage — and runs two virtual security employees that triage and respond with a human in the loop.

Seven: Email & BEC, Endpoint (EDR/MDR), Identity (ITDR), Dark Web & exposure, WAF/web, DNS (C2 & exfiltration), and Shield-AI (AI data-loss prevention and non-human identity).

Managed service providers running security across a client fleet, and small and mid-sized businesses that don't have in-house security staff or a 24/7 SOC.

Yes — endpoint detection and response delivered as managed detection and response. The Kavach agent triages and responds around the clock, so you get MDR coverage without staffing a 24/7 SOC.

The two virtual security employees. Kavach is a virtual SOC analyst that triages, correlates, and remediates across all seven surfaces 24×7. Argus is a plain-English advisor that explains posture and incidents, writes the cyber-insurance readiness report, and runs step-by-step runbooks during a live incident.

You set the autonomy per action and per client on a ladder: Watch → Recommend → 1-click Approve → Auto-contain. Every action is reversible and written to a tamper-evident audit log.

It can trigger a pre-emptive backup through your tenant’s existing backup solution, capturing a clean restore point before a threat like ransomware can spread — so you keep a clean recovery point even if an attack progresses.

Only for endpoints, and it's optional: a lightweight Windows, macOS, or Linux agent, or agentless ingestion of tools you already run such as Wazuh, Falco, osquery, or Elastic. Email, identity, WAF, DNS, and dark-web surfaces connect to your cloud services with no agent.

Microsoft 365, Google Workspace, JumpCloud, and Microsoft Entra for email and identity; Azure Front Door, GCP Cloud Armor, AWS WAF, and Cloudflare for web; Route 53, Cloud DNS, Azure DNS, Cloudflare Gateway, Cisco Umbrella, NextDNS, Quad9, and DNSFilter for DNS; Slack and Teams for alerts; and your existing backup and recovery tools.

No rip-and-replace. It ingests and normalizes the endpoint tools you already run, orchestrates the cloud WAFs you already use, and interfaces with your existing MSP tooling.

Argus produces a cyber-insurance readiness report, audits MFA posture daily, and scores your backup and recovery posture. It supports readiness — it does not guarantee coverage.

Yes. Shield-AI inventories every connected AI and SaaS app as a non-human identity, scores it on its access scopes, flags shadow AI outside your sanctioned catalog, and classifies outbound email content to prevent data loss. Behavioral AI-traffic detection and Microsoft Copilot oversight are Enterprise-tier.

Pricing is “talk to us” — there are no public price tiers; it's scoped to your environment and client fleet.

Yes — a multi-tenant canvas by default gives one pane across every client, with per-client risk scoring, plain-English client reports, and an audited, dual-consent operator proxy for takeover.