CybrIQ for government · 30-day pilot
CybrIQ
Government/Pilot
30-day pilot · no fee

A 30-day pilot, no fee, with deliverables you keep regardless of what happens next.

The pilot is built so a federal civilian, DoD-contractor, or SLED program can evaluate CybrIQ against its own environment without a procurement commitment. The agency supplies the hardware the software runs on and grants read-only switch access; CybrIQ supplies the software, the reference library, and the operations briefing. At the end of 30 days you have the inventory, the deviation report, and the controls-mapped evidence pack as deliverables — yours whether the conversation continues or not.

The 30-day no-fee pilot shape laid out as four phases. Day 1 to Day 3 (setup): scope confirmed for one building or VLAN cluster or CUI enclave; host hardware identified (small Linux or Windows server); SNMP read-only credentials scoped; MNDA executed same-day. Week 1 (install): ESE and main instance installed on your hardware; reference library with the 750-million-device corpus loaded; first poll at 30-second cadence; first Device DNA identifications within hours; deliverable is the first inventory shipped at end of week 1. Week 2 (baseline): the inventory is reviewed against the existing asset register; threshold tuning per VLAN; first deviation events from authorization-list comparisons; inventory gap typically visible in weeks 2-4. Week 3 to Week 4 (evidence and close): signed audit-trail export in CSV / JSON with SHA-256; controls-mapped pack against NIST 800-53 Rev 5, 800-171, CMMC L2, and Section 889; full first-30-days deviation log; cyber-insurance evidence pack for SLED where applicable; deliverables are yours whether or not the conversation continues. No fee, no procurement commitment. You supply hardware and SNMP access; we supply software and the operations brief.

What the pilot involves

The pilot mirrors a production deployment in shape but at smaller scope — typically one building, one cluster of managed switches, or one CUI enclave. We use the actual product (not a demo build), against the agency's actual environment.

What you supply
  • A small Linux or Windows server that the External Scan Engine and the main instance run on. Spec is light; the briefing call confirms the right size for your scope.
  • Read-only SNMP management access from the ESE to the managed switches in scope (one ESE handles up to 500 switches).
  • An hour of network-team time for the install briefing and credential handoff.
  • The list of switches in scope. If you want a SCIF or air-gapped pilot, plan an extra week for the operations briefing for that environment.
What CybrIQ supplies
  • The software (RoomIQ for room-level scope, SpacesIQ for building/multi-site scope).
  • The full reference library (~750M device fingerprints), updated through the pilot.
  • Install and configuration support by a CybrIQ engineer.
  • Weekly checkpoint calls during the 30-day window.
  • The deliverables (see below) at the end.

Deliverables (yours to keep)

  • Device inventory. Every device identified on the in-scope switches across the 30-day window. CSV export, signed at the control plane with a SHA-256 hash.
  • Deviation report. Every device that appeared on the network and was not on the authorized-hardware list, with first-seen timestamps, vendor identification, and confidence scores.
  • Covered-entity report (Section 889). Any Hikvision, Dahua, Hytera, Huawei, or ZTE hardware identified, with switch port and chassis-label context.
  • Controls-mapped evidence pack. The same inventory, organized as evidence for the controls you cite in your SSP (CM-8 family, CM.L2-3.4.1, ZTMM Devices pillar, CDM HWAM completeness). Aligned with the inheritance matrix on the Takeaways page.
  • Walkthrough call. A 60-minute close-out session: what we found, what to do with it, what a production deployment would look like at scale.

No procurement commitment

The pilot ships under a simple no-fee mutual NDA. The agency or contractor commits to two things: granting the read-only switch access and supplying the small server hardware. CybrIQ commits to delivering the deliverables above. Neither party commits to anything beyond that — if the pilot doesn't fit, the conversation closes cleanly and you keep the artifacts.

Production-scale deployment after the pilot, if you want to continue, runs through one of the procurement vehicles listed on the Contract vehicles page. The briefing call discusses the right route for your environment.

Schedule and prerequisites

Typical pilot timing: 2 weeks to schedule (NDA, hardware confirmation, switch-credential handoff), then the 30-day window itself. For air-gapped or SCIF pilots, add one additional week for the disconnected-environment operations briefing.

Schedule a pilot-scope call

30 minutes: we walk what fits as pilot scope for your environment, what you'd need from your network team, and the timeline for kicking off.

Request pilot scoping