Client-controlled runtime
The product retains its own local configuration, audit trail, licence state and operational workflow.
Endpoint security
Cybstyx Phylaxis Phylax Endpoint Guard
Endpoint protection, posture, device trust, and quarantine workflow for laptops, servers, and endpoint agents. The product is positioned as a client-controlled security engine with professional deployment, audit and integration boundaries.
Core responsibility
What this product is built to handle.
device posture, agent trust, quarantine and endpoint evidence
- Endpoint agent and device inventory
- Posture heartbeat and trust checks
- Malware or behavior review
- Policy gate and quarantine approvals
- USB, clipboard, network controls and endpoint evidence
Deployment and control model
Roles: Super Admin, Endpoint Admin, Security Admin, SOC Analyst, Auditor, Service Agent
Authentication: Local RBAC with admin MFA; optional Eidon SSO; agent/service authentication for endpoint telemetry.
Linked with: Optional Unified Cyber Security Command Center adapter, Eidon identity, Nomion licence, Chronyx timeline, Tekmerion evidence, Keraunix response, Topora resources, and Kleidion secrets.
Boundary: Endpoint protection continues locally even if Unified Cyber Security Command Center, Eidon, or Nomion is offline after valid local policy and licence cache.
Cybstyx model
Standalone product, optional ecosystem connection
The product should be strong alone first. Integration improves visibility and coordination, but it must not become an uncontrolled dependency.
Command-center option
SecOwl can receive approved events and show posture or evidence if the client enables the adapter.
Bounded integration
Products may connect to identity, evidence, licence, secrets or timeline services when policy allows.
Every action has context
Administrative changes, service events and proof exports should remain auditable.