Delivery model
Controlled onboarding
Engagements are initiated through direct contact to ensure scope, authorisation, and operational guardrails are defined upfront, supporting enterprise governance and audit readiness.
Platform · Vectors & methodology
The HybridSense AI engine behind each external run.
HybridSense AI supports external cybersecurity visibility for industrial environments, including OT, SCADA, IIoT gateways, facility infrastructure, and hybrid IT/OT systems exposed to the internet.
Designed for both: traditional perimeters that need reliable monthly checks, and mixed IT/OT environments where an exposed gateway can affect physical processes.
Global Presence Operational scope
Built for geographically distributed operations.
HybridSense AI is designed and developed in South Africa, supporting operational deployments and security assessments across Africa and international environments. Our architecture is built to operate securely across geographic boundaries, supporting region-specific compliance requirements and globally hosted systems.
Deployment
Cross-border by design
Runs can be aligned to specific regions, maintenance windows, and operational constraints–ideal for distributed teams and multi-region infrastructure.
Governance
Enterprise-aligned controls
The platform supports structured reporting, evidence-led findings, and repeatable run history–helping teams demonstrate control effectiveness and risk reduction over time.
Compliance & Governance Alignment
Designed to support regulated environments.
HybridSense AI is designed to support organisations operating under recognised information security and governance frameworks, including ISO/IEC 27001, NIST, and sector-specific regulatory requirements. The platform provides structured evidence, repeatable assessments, and auditable outputs to assist internal security, risk, and compliance programmes.
Vector 01 Discovery & asset mapping
Understand what is truly exposed before talking about risk.
Before we talk about vulnerabilities, we need to agree on what the outside world can actually see. HybridSense AI builds an inventory of exposed assets and services for each run, then compares it to the previous baseline.
Assets
Domains, subdomains & IP ranges
Identification of domains, subdomains, DNS records and ranges in scope – including entries discovered from public sources and certificates.
Services
Ports & protocol fingerprinting
Lightweight, safe port and service discovery to understand which services are reachable, and how they identify themselves to the internet.
Context
Baseline and change tracking
Each run is compared to the previous baseline to surface new services, retired systems and configuration changes that may carry risk.
Vector 02 Vulnerability & misconfiguration analysis
Curated checks tuned for internet-facing infrastructure.
HybridSense AI prioritises checks that have a clear external impact: exposed admin interfaces, weak or broken TLS, default credentials, outdated components and unsafe configurations on gateways and remote access.
Vector 02-A · Web & API
Public websites, portals & APIs
Focused on internet-facing web apps and APIs, including authentication, encryption and common misconfigurations.
Vector 02-B · Access
VPN, remote access & jump points
External view of VPN endpoints, remote access portals and bastions – often the first stop for attackers targeting internal systems.
Vector 02-C · Email
Email security & hygiene
High-level checks on MX configuration and external posture to support phishing and spoofing risk assessments.
Vector 02-D · OT / IIoT edges
Bridges into industrial and facility networks
Focused on gateways, MQTT brokers, management portals and remote support paths that sit between the internet and OT or facilities networks.
Vector 03 Run lifecycle
How a typical HybridSense AI run is executed.
Runs are carefully scoped and scheduled. You retain full control of timing, aggressiveness and which Vectors are active – especially important when OT is nearby.
Step 01
Scope & guardrails
We agree on targets, regions, maintenance windows and any zones that must be excluded or treated with extra caution (e.g. live OT gateways).
Step 02
Discovery pass
Asset and service discovery runs first, keeping activity as light as possible while building a useful picture of your perimeter.
Step 03
Targeted checks per Vector
For each in-scope Vector (Web, VPN, Email, OT edges, etc.) we run appropriate checks, tuned to avoid unnecessary noise or instability.
Step 04
Optional exploit validation
Where permitted, we can safely validate selected critical issues to confirm impact, always within agreed safety limits and windows.
Step 05
Reporting & integration
Results are normalised, prioritised and exported into formats suitable for NEO dashboards, SIEM, ticketing and executive reporting.
Vector 04 Traditional vs OT coverage
One platform, tuned differently for each environment.
The same engine serves small businesses, large enterprises and critical infrastructure – the difference is in scope, guardrails and depth per Vector.
| Scenario | Typical scope | Frequency | Primary Vectors |
|---|---|---|---|
| Small / branch perimeter | 1–2 domains, a few internet-facing services | Monthly or quarterly | Web, VPN / remote access, Email |
| Enterprise perimeter | Multiple domains, regions and environments | Monthly with ad-hoc runs on change | Web, VPN, Email, cloud edge & SSO |
| OT / SCADA & facilities | Gateways, telemetry paths, support access, portals | Quarterly or aligned with process windows | OT edges, Web, VPN, vendor access paths |
Vector 05 Working with partners
HybridSense AI as the technical lens in broader programmes.
For AI risk, PQC and GRC specialists, HybridSense AI can quietly power the external technical view – leaving you free to focus on governance, strategy and business alignment.
Joint delivery
Co-branded external runs
Runs can be branded under your organisation while we operate the engine and reporting in the background.
Data feeds
API & export options
Structured outputs for ingestion into your own portals, dashboards and GRC tooling.
Flexibility
Custom scopes & programmes
From one-off perimeter reviews to ongoing programmes aligned with your own frameworks and methodologies.