SYLink Vizu: the On-Premise cockpit for your cyber visibility
SYLink Vizu is a CAASM (Cyber Asset Attack Surface Management) platform project that unifies your IT & OT data to see, understand and act faster, while keeping data on your premises. The idea: connect your existing tools (EDR/XDR, vulnerability scanners, CMDB/ITSM, DHCP/IPAM, virtualization/Cloud, NDR/SIEM, MDM/Identity), consolidate a reliable inventory, add business context, and provide KPIs & reports that hold up over time. Within the SYLink ecosystem, this extends the On-Premise and centralization logic already delivered by SYLink Box / Pro and the SYLink AI portal.
Why now? (the CAASM need)
Security teams face incomplete inventories, scattered data, and patching that is sometimes driven by noise rather than risk. CAASM emerged to solve these blind spots: correlating sources, contextualizing risk and prioritizing actions. Analysts describe CAASM as a way to improve visibility and reduce exposure, by leveraging tools already in place (EDR, Cloud, MDM, etc.).
SYLink Vizu positioning
-
On-Premise by design: local deployment (Docker/VM), air-gapped option, data on your premises to meet sovereignty and confidentiality requirements. This philosophy is already very present across SYLink offerings (OnPrem, Box, Pro) and their management portal.
-
Read-only & agentless: no intrusive actions on assets - remediation goes through targeted exports and ITSM tickets. This "safe-by-design" approach limits operational risks, especially in sensitive environments. (CAASM best practice.)
-
IT + OT/ICS: the platform aims at a unified mapping (IT & industrial), based on network flows and/or NDR/DPI for OT, in order to represent zones & conduits (IEC 62443) without disturbing production. (Principle: passive visibility on the OT side.)
What the platform does (the 7-step journey)
-
Collect
Read-only API & file connections: EDR/XDR, vuln scanners, CMDB/ITSM, IPAM/DHCP, vSphere, Cloud, SIEM/NDR, MDM/Identity. Goal: a fact lake made reliable, source by source. (CAASM philosophy: leverage existing tools, do not "re-scan" everything.)
-
Unify
Common model + per-source trust (who tells the truth on which attribute?), multi-key deduplication (agent ID, MAC, FQDN, IP...), per-attribute freshness. Goal: a single reference queryable per asset (360 view). (Core CAASM promise.)
-
Enrich
Add business tags (BU/site/criticality), exposure (Internet, privileges), OT zones/conduits; raw data becomes actionable information.
-
Explore / Query
Filters + a simple DSL to ask concrete questions: "Missing EDR in PROD?", "Critical vulns exposed to the Internet?", "Non-compliant inter-zone crossings?". Queries can be saved and automated (reports). (Typical CAASM use.)
-
Govern (Governance)
Out-of-the-box KPIs (agent/scan coverage, inventory freshness, vuln backlog), thresholds, compliance dashboards (NIS2, ISO 27001, DORA) to align governance and operations.
-
Fix (Remediation)
The platform does not act directly: it orchestrates via exports and ITSM tickets (ServiceNow/Jira), then verifies that the change produced the expected effect (re-collection / delta). (Good practice in role separation.)
-
Continuous improvement
Trends (30/90/365 days), lessons learned, recurring reports with timestamped evidence - to prove impact and sustain compliance over time. (CAASM principle: visibility + evidence.)
Where SYLink Vizu fits in the SYLink ecosystem
-
SYLink Box: a network appliance that observes and alerts (with embedded AI), and whose data is accessible from the SYLink AI portal. Vizu builds on this know-how of non-intrusive observation and centralized supervision.
-
SYLink Pro: centralized management, an overall view of the network and its risks. Vizu extends this logic by correlating with your other IT & Cyber tools to deliver a decision-oriented 360 view.
-
On-Prem / OnPremise: SYLink already offers On-Prem variants that learn the traffic, analyze and alert without disrupting operations - Vizu inherits the same DNA (sovereignty / air-gapped).
Flagship use cases
-
Unified inventory & Shadow IT: end the gap between CMDB and reality, find missing agents and surface unmanaged devices. (CAASM core: consolidated inventory, correlated sources.)
-
Vulnerability prioritization: link findings (scanners) + business context (criticality, exposure, maintenance window) to act where the risk is real.
-
Continuous compliance: NIS2/ISO/DORA indicators backed by technical facts; exportable evidence for audits.
-
OT/ICS without risk: zones & conduits mapping (IEC 62443) via network/DPI visibility, zero intrusive action in production. (Recommended approach in industrial environments.)
What sets the project apart
-
On-Premise & sovereign: the SYLink model favors local control of data and keys, useful for regulated sectors.
-
Read-only, safe-by-design: no direct actions, but documented orchestration (exports, tickets), easier to audit.
-
IT + OT/ICS: the ambition to map and contextualize both sides of the perimeter (IT & industrial) consistently.
How to get started (recommended approach)
-
Prerequisites: read-only API accounts for your key tools (NDR, scanner, CMDB/ITSM, vSphere, Entra/Intune, SIEM/NDR, IPAM/DHCP). (This is the CAASM baseline.)
-
PoC in 2 to 4 weeks:
-
Week 1: read connections (API/files), normalization and deduplication, first KPIs.
-
Week 2: useful queries (missing NDR, exposed critical vulns), compliance dashboards.
-
Weeks 3-4: campaigns (exports/tickets), scheduled reports, review & roadmap.
-
-
OT extension: in an industrial context, add passive visibility via NDR/DPI (or the SYLink Box) to map zones/conduits without disrupting production.
Going further
-
What is CAASM? (definitions & stakes): Gartner, Tenable, CrowdStrike.
-
SYLink universe (OnPrem/Box/Pro/Portal): official pages.
SYLink Vizu aligns with the CAASM movement to provide an accurate picture of your assets, prioritize based on business context, prove compliance and accelerate remediation - without touching the production IT system. And above all: On-Prem, under your control.
Request a demo or start the 10-day trial - https://sylink-vizu.com/