Products

RoomIQ for the briefing room. SpacesIQ for the building. Same Layer-1 engine underneath.

CybrIQ ships two products. They share an architecture: switch-side signals are collected, combined into a Layer-1 fingerprint (Device DNA™), matched against a 750-million-device reference library, and exposed to the agency's SIEM and NAC through syslog and REST. The difference between the two is scope.

RoomIQ

For room-level scope. An individual conference room, briefing room, situation room, command-and-control room, lab bench, or contained AV environment. RoomIQ identifies every device connected to the managed switch serving that room — codec, display controller, room control panel, microphone array, document camera, BYOD presentations, contractor laptops, building-systems integrations. Surfaces unauthorized or covered hardware on a per-room basis.

Typical federal deployment: a SCIF briefing room, an executive secure-conference space, a courtroom AV system, a defense-contractor demo space, or a lab environment with sensitive instruments on the same switch.

SpacesIQ

For building, campus, and multi-site scope. SpacesIQ scales across every managed switch in the environment. One agency, multiple buildings, multiple programs, multiple tenants, multiple OT enclaves. A single SpacesIQ deployment can cover the building or the entire campus; a federated deployment can cover an entire department or a state government.

Typical deployment: a cabinet department headquarters, a multi-building installation, a county IT environment covering courts and human services and corrections, or a state-government central-IT deployment shared across agencies.

Shared architecture

Both products share two components: an External Scan Engine (ESE) and a main instance. The agency installs and operates both. ESE-to-main communication is over SSL. There is no vendor tunnel, vendor cloud, or vendor-managed component in the path.

ESECollects signals from the agency's managed switches. Customer-installed on agency hardware. One ESE handles roughly 500 switches; larger environments deploy multiple ESEs that report to the same main instance.

Main instanceAggregates ESE feeds, runs the Device DNA matching, exposes the data to the agency's SIEM and NAC. Customer-installed.

Reference library~750 million device fingerprints curated and updated by CybrIQ. Updates ship as signed packages; for SCIF and air-gapped environments, packages move into the enclave via the agency's approved-media process.

Integrations

CybrIQ does not replace existing tooling. The output integrates with the systems the agency already runs:

SIEM: Splunk (including FedRAMP-authorized Splunk Cloud Government), Microsoft Sentinel for Government, IBM QRadar, Elastic. Syslog (RFC 5424) and REST.
NAC: Cisco ISE, Forescout, Aruba ClearPass. Direct integrations and event-payload formats aligned with NAC quarantine workflows.
CDM data feed: Field names align with HWAM expectations.
eMASS and compliance evidence platforms: Audit-trail export available in CSV and JSON formats suitable for SSP attachments and POA&M references.

Procurement

Federal procurement vehicles — Carahsoft channel routing for GSA MAS, SEWP, CIO-SP3, 2GIT; Azure Marketplace; ServiceNow Store; direct PO — are listed on the Contract vehicles page. State and local procurement routes are tracked on the State & Local track page. For specific vehicle availability and routing, the briefing call is the fastest path to a concrete answer.

Schedule a product briefing

A 30-minute session: we walk RoomIQ or SpacesIQ against your scope, your switch vendors, and the integrations you'd plug it into.

Request briefing