55 real cyber scenarios, indexed by organization profile and technical domain. Each case starts from a field problem, walks through the deployed SYLink stack and the expected outcome. Filter to design your own architecture.
On the same ISP box: work laptop, kids' PCs, smart TV, daily IoT. A compromised home device (camera, smart bulb, console) opens the door to client files.
SYLink Box configured with two Wi-Fi SSIDs (home / work) and automatic VLANs. Work traffic stays isolated from the rest, with nothing to set up.
Cafés, coworking, hotels, train stations: unknown Wi-Fi, sketchy captive portals, MitM risk. Your work credentials and client emails travel in the clear.
SYLink roaming VPN that auto-starts on untrusted networks. SYLink Spot for road-warrior profiles (hardened, anonymized workstation via SaaS portal).
Wire-transfer scams now target solo workers and small businesses. A modified IBAN inside a PDF invoice, and €12,000 leaves toward a foreign account.
SYLink Leaks Basic (12 modules): darkweb watch on your name, brand and email, mobile alert as soon as a leak surfaces. Learn N1 awareness training.
You carry notarized deeds, HR files or commercial contracts. A USB stick lost on a train is a near-certain data leak.
SYLink SafeKey biometric (fingerprint, IP geoloc, remote lock / wipe via portal). No manual encryption to enable.
Patient files on PCs, shared visitor Wi-Fi, medical IoT devices, ransomware targeting healthcare professionals (Locky, Lockbit Health…).
SYLink Box pre-configured with 4-zone segmentation (workstations / visitor Wi-Fi / medical IoT / printing), EDR on every endpoint, 24/7 supervision and mobile alerts.
Client files opened from home, USB sticks circulating, backups forgotten right in the middle of tax-return season.
Turnkey corporate VPN, SafeKey biometric encrypted USB, EDR on remote endpoints, mandatory annual Learn N1 training.
Connected Windows POS, card terminal, open guest Wi-Fi, untrained team. A single SSID shared between customers, register and staff.
Box with POS / customers / IoT segmentation (HVAC, smart fridges), EDR on the register, mobile app for the manager when something fires.
Digitized authentic deeds, exchanges with banks and clients, clerks moving between the office and external appointments.
Box + EDR on every endpoint, SafeKey for travel, N1 training for clerks, leak watch via Leaks Basic.
PMS (Property Management System) on the hotel side, register on the restaurant side, kitchen IoT (cold rooms, smart oven), customer Wi-Fi nearby.
Box segmented by function (PMS / register / IoT / customers), EDR on PMS and register, 24/7 supervision, mobile alerts for the manager.
No CISO, no IT team, no desire to juggle 4 vendors (router, antivirus, backup, VPN) that don't talk to each other.
SYLink stack (Box + EDR + Leaks) operated by a local SYLink-certified MSP — one contact, one invoice, one console.
Remote plants, exposed PLCs (Modbus, OPC-UA), roaming remote workers, NIS2 pressure now applying to mid-market companies.
SYLink Mini 2.5 Gbps at every site (cert-based decryption proxy, IDS/IPS/NIDS), site-to-site VPN, DPI VM probe at the SI core, single CISO console.
Strategic M&A files, partners targeted by spear-phishing, regulatory and bar-association pressure.
Pro firewall with decryption proxy, EDR on every endpoint, SafeKey biometrics for partners, Spot hardened mobile workstations, Leaks Enterprise watch.
Audit incoming (insurer, customer, NIS2 transposed), gap to close in months, IT team underwater, tech debt.
Automated SYLink Audit mapped to NIS2 / ISO 27001, CAASM Vizu inventory, continuous Leaks Enterprise watch, prioritized action plan.
Healthcare business apps (hospital DPI), medical IoT, caregiver / admin VLANs, HDS constraints and HAS certification.
Pro 10G at the SI core, DPI Mini probe (15,000 IPs, 2 years of storage), EDR on every medical endpoint, automated HDS audit.
Eighty points of sale, card terminals, Windows registers, customer Wi-Fi, logistics IoT (smart fridges, scales, drive-to-store).
SYLink Box or Mini depending on store size, single central console for the HQ CISO, zero-touch deployment via MSP partner.
CAD blueprints, pending patents, industrial prototypes — prime targets of foreign economic espionage.
EDR with anti-shadow-IT DLP, Leaks Enterprise watch, EDR on engineer endpoints, N2/N3 training (attacker techniques).
Unmanageable alert volume, analyst fatigue, weak signals missed. No budget for a fully human 24/7 SOC.
SYLink AI for local SIEM triage + sovereign UniSOC (DPI probe + EDR + SYLink AI) operated in France 24/7.
Perimeters exposed to extra-territoriality (Cloud Act, FISA), executive mandate to switch to a 100% French vendor for critical assets.
Pro 10G firewall + on-premise DPI Pro probe (70,000 IPs, 5 years of storage), full audit, Leaks VIP watch — code, teams, datacenter in France.
Personalized spear-phishing, darkweb leaks on executives' personal/work accounts, sensitive international travel (Asia, Middle East).
VIP watch with 58 modules (targeted deep & dark web, brand watch), SafeKey biometrics, Spot anonymized mobile workstations, Learn N4 ExecCom training.
Connected plants, legacy PLCs (Modbus, S7, OPC-UA), wide and heterogeneous perimeter, regulator requirements (ASN, PSE, LPM).
DPI Pro probes in passive mode on the industrial network, DPI VM on virtualized sites, real-time blocking via Pro, recurring audit.
Post-incident investigation of sophisticated attacks (APT, ransomware-as-a-service), multi-year retention mandated by regulators.
On-premise DPI Pro (35,000 signatures, 2,500 applications, 520 protocols, 1:350 compressed storage over 5 years). Compromise chain rebuilt with SYLink AI.
Unmanageable alert volume (millions of events/day), analyst fatigue, weak signals missed, MTTR too long.
Sovereign UniSOC combining DPI probe + EDR agent + SYLink AI, hosted in France 24/7. Integrates with existing SIEM via connectors.
Web perimeter that shifts every sprint, massive external attack surface, annual pentest obsolete after 2 months.
SYLink Pentest driven by SYLink AI, run on-premise, sovereign report generation. Continuous coverage of the external surface.
Customer credentials sold on darkweb, banking fraud kits, money mules, brand abuse.
Leaks VIP brand watch + SYLink AI to correlate weak signals + UniSOC for coordinated 24/7 response.
Ransomware blocking patient care (CHU Rouen, Corbeil-Essonnes…), medical IoT, absolute urgency, HDS constraints.
Pro firewall at the SI core, DPI Pro probe for the forensic time machine, EDR on medical endpoints, 24/7 supervision and HDS audit.
No IT department, complex public-procurement process, pooling needed at the county or inter-municipal level.
Pooled Box via county IT department under the Gigalis framework, mobile app for the head of services, mandatory Learn N1 awareness for staff.
Multi-service networks (school, library, daycare), roaming staff, GDPR and transposed-NIS2 requirements for public bodies > 30 staff.
SYLink Mini 2.5G + DPI Mini probe (15,000 IPs, 2 years of storage), automated audit mapped to PSSIE / HDS, white-label for the pooled IT department.
Exposed teaching network, content to filter, reinforced GDPR for minors, growing EdTech tools sometimes hosted outside the EU.
School-grade Box with teaching / admin segmentation, EDR on admin endpoints, Leaks Basic watch, Learn N1 training for teachers.
Fifty towns to equip, capped budget, small IT team, heterogeneous legacy SI.
Pooled Pro + DPI VM in regional datacenter + sovereign UniSOC (DPI probe + EDR + SYLink AI) operated in France 24/7.
Mandatory periodic intrusive audits (transposed NIS2, PSSIE), public-tender purchase to organize, scarce pentest skills.
SYLink Pentest driven by SYLink AI, run on-premise, sovereign report — direct purchase order via Gigalis Lot 2.
Sensitive tenant files (income, family situation), mobile staff (technicians, account managers), ransomware risk.
Pro + EDR on every endpoint + SafeKey for technicians on site + Leaks Enterprise for leak watch.
Sensitive data (II 901, IGI 1300), controlled exchanges between zones, occasional travel by cleared personnel.
On-premise SYLink Pro in isolated zone, biometric SafeKey for exchanges, self-hosted Protect VPN for controlled exit nodes, hardened EDR with no telemetry.
LPM decrees, transposed NIS2, recurring NATO / Armed Forces audits, strong sovereignty requirement, integration with CERT-FR / sectoral CERT.
On-premise SYLink Pro + DPI Pro stack (10 Gbps, 70,000 IPs, 5 years of storage) + DPI VM on virtualized sites + Audit + Leaks VIP, integrated with the CERT.
Post-incident reconstruction of sophisticated attacks (state-sponsored APTs), mandatory long-term retention, full auditability required.
On-premise SYLink DPI Pro (35,000 signatures, 2,500 applications, 520 protocols, 1:350 compressed storage) + DPI Mini at secondary sites + air-gapped SYLink AI analysis.
Need for cyber AI without cloud callbacks, signed models and full auditability, NATO / Armed Forces / ISO 27032 doctrine compliance.
Air-gapped SYLink AI deployments, signed models, traceable logs. On-premise UniSOC on dedicated infrastructure for sensitive missions.
Foreign delegations (sensitive countries), equipment targeted by foreign services, reinforced VIP darkweb watch.
SafeKey biometric keys, hardened EDR on every device, 58-module VIP watch, Learn N4 training for the executive committee.
24/7 maintenance and controlled deployment of NATO / Armed Forces / CERT-FR patches by cleared personnel based on French soil.
SYLink MCO + MCS contract. Quarterly reporting to the CISO / security officer, documented reversibility plans, source-code escrow on contract end.
Intrusion testing on sensitive perimeters, no data sent to external services, full traceability required.
SYLink Pentest driven by SYLink AI, executed entirely on-premise within the accredited zone, signed sovereign report.
Phishing, weak passwords, social engineering, unknown USBs — humans remain the largest attack surface.
Learn N1 module: 1 hour, video or in-person, role-based scenarios, phishing simulation, certificate. Mandatory annual cycle for public bodies.
Internal IT teams trained on building, much less on attacker techniques (red team, MITRE ATT&CK, IOCs).
Learn N2 (Hackers — offensive techniques) + Learn N3 (Infrastructure — hardening, IR, threat hunting). Workshop format with hands-on cases.
ExecCom must decide without always grasping cyber risk: NIS2 pressure, VIP exposure, potential losses, crisis communication.
Learn N4: strategic mentoring for top executives, crisis management, regulatory communication, cyber tabletop exercise.
You work from a colleague's office, train stations, courtrooms. Your filings travel by email, your VIP clients are spear-phishing targets, and bar rules require reinforced privilege over attorney-client communications.
Roaming VPN auto-starting on public Wi-Fi, biometric SafeKey for transported sensitive items, Leaks watch on your domain names and VIPs. Anti-spear-phishing Learn N1 awareness.
Your DWG / Revit files weigh several gigabytes, you carry them on USB sticks between office, site and clients. A leak on a sensitive project (data center, defense, infra) can break a tender or expose an end client.
Biometric SafeKey for client deliveries, EDR on the BIM workstation, and SYLink Transfer to send heavy bundles via timestamped encrypted link instead of WeTransfer.
You access the shared health record (DMP) from 3 different practices in the same week. Wi-Fi is rarely segmented, your CPS credentials and electronic prescriptions travel over networks you don't control.
Automatic VPN to secure DMP / Mailiz / Ameli pro sessions, SafeKey to store the encrypted local backup, SYLink mobile app to alert on abnormal access attempts.
The pharmacy software talks to social security, stock automation and patient kiosks. A compromise shuts the pharmacy down mid-day, as seen in several 2024-2025 attacks.
SYLink Box with 4-zone segmentation (pharmacy software / automation / patient kiosk / visitor Wi-Fi), EDR on back-office endpoints, pooled 24/7 supervision and mobile alert to the owner.
Your EV chargers are connected to the internet for billing and management. On the same network sit OBD diagnostic tools, manufacturer software (PROXIA, ETKA) and customer endpoints — one VLAN, one ransomware.
SYLink Box with separated VLANs (workshop / EV chargers / customers / IoT), EDR on diagnostic endpoints, EV-charger flow supervision to detect a charger compromise before it reaches the SI.
Mandates signed during visits, energy reports exchanged by email, VIP clients with sensitive addresses, six-figure transactions: your agency becomes a prime target for wire fraud and impersonation.
Sovereign e-signature (SYLink Sign, eIDAS-compliant), sensitive deliveries via SYLink Transfer (expiring encrypted link), Leaks watch on your VIP contacts.
Silos with IP sensors, remotely operated irrigation pumps, self-service seasonal endpoints, web app for members: a classic OT/IT mix with no map. NIS2 now classifies you as an important entity.
SYLink Pro at the SI core, SYLink Mini at every silo / pumping station, EDR on seasonal endpoints, annual NIS2-mapped audit and Learn N2 for internal IT.
Multiple branches (Lyon, Saint-Étienne, Annecy), 80 staff, hundreds of client portfolios in shared folders. Cross-client leakage (one compromised employee seeing everything) is a GDPR bomb.
SYLink Pro inter-site with encrypted site-to-site connections, segmentation by branch and per-portfolio compartmentalization via RBAC, continuous audit mapped to OEC + GDPR.
Your substations are LPM-critical OT. Schneider / Siemens PLCs speak IEC 60870-5-104, MCO is operated by VPN-connected vendors, and any intrusion can cascade into a regional blackout.
On-premise SYLink DPI Pro dedicated to the substation (passive mode, 5-year forensic time machine), hardened EDR on engineer endpoints, cleared UniSOC supervision, recurring PASSI audit.
DORA now mandates digital operational-resilience testing, monitoring of critical providers and incident notification within 4 hours. Your current SOC catches external attacks — not insiders or compromises at your providers.
SYLink Vizu to map vendors and exposure, Leaks VIP for executives and brand, sovereign AI SOC (UniSOC) for 24/7 triage, and continuous DORA-mapped audit.
The EPCI wants to equip 14 towns (800 to 12,000 inhabitants) with no internal IT in the small town halls. The Gigalis Lot 2 framework opens a clean entry point, but the rollout must be industrialized.
Pooled SYLink Box via the county IT department, single central console to supervise the 14 towns, Vizu audit for the initial map, mandatory Learn N1 awareness for every staff member.
The campus mixes 30,000 student BYOD devices, research labs subject to export control (US/EU), and confidential industrial partnerships. The boundary between student Wi-Fi and research servers is too porous.
SYLink Pro + DPI VM probes at the campus network core, watertight VLANs research / teaching / BYOD, EDR on sensitive lab endpoints, and SafeKey for researchers travelling internationally.
Your diplomats travel with laptops, keys and classified documents to high-cyber-risk countries (China, Russia, Iran, North Korea). A single compromised device opens a window into French doctrine.
SYLink Spot (hardened anonymized mobile workstations), biometric SafeKey with geoloc and remote self-destruct, inter-post VPN to the foreign-affairs ministry, Learn N4 executive training for sensitive trips.
When a critical operator in the county is attacked (hospital, energy, water), the prefecture must coordinate ANSSI, COMCYBER, ARS and public communication in under 2 hours. Today, that runs over phone calls and Teams.
Sovereign UniSOC interfaced with CERT-FR, SYLink AI to qualify and summarize indicators, Learn N4 for the prefectural ExecCom (crisis management + communication), and annual red-team exercises.
Describe your context — sector, size, regulatory constraints, tech debt. Our architects send you the most relevant SYLink stack within 48 hours.
