Client-controlled runtime
The product retains its own local configuration, audit trail, licence state and operational workflow.
Evidence governance
Cybstyx Phylaxis Tekmerion Evidence Vault
Evidence governance, chain-of-custody, legal hold, compliance packs, and audit-proof exports. The product is positioned as a client-controlled security engine with professional deployment, audit and integration boundaries.
Core responsibility
What this product is built to handle.
chain-of-custody, legal hold, compliance evidence and exports
- Evidence intake
- Signed evidence packs
- Chain verifier and case bundles
- Retention and legal hold
- Redaction, exports, and compliance templates
Deployment and control model
Roles: Super Admin, Evidence Admin, Compliance Officer, Reviewer/Auditor, SOC Analyst, Service Account
Authentication: Local RBAC with MFA; optional Eidon SSO; service authentication for evidence submitters.
Linked with: Optional Unified Cyber Security Command Center adapter, Chronyx timeline, Keraunix response, Phylax endpoint, Dolion decoys, Orama, Phragma, Nyxara, Nomion, and Eidon.
Boundary: Evidence vault remains usable without Unified Cyber Security Command Center and can accept offline evidence bundles for local reports.
Cybstyx model
Standalone product, optional ecosystem connection
The product should be strong alone first. Integration improves visibility and coordination, but it must not become an uncontrolled dependency.
Command-center option
SecOwl can receive approved events and show posture or evidence if the client enables the adapter.
Bounded integration
Products may connect to identity, evidence, licence, secrets or timeline services when policy allows.
Every action has context
Administrative changes, service events and proof exports should remain auditable.