Active Response Platform 


It’s easy for businesses to easily become overwhelmed by managing multiple sources of incoming data, leaving their networks susceptible to overlooked incidents, alert fatigue and knowledge drain. Dunbar’s open-source software, Cyphon, eliminates the headaches of data management by streamlining the process through a single platform.

Play video

gears icon

How it Works

  • 01 Collect: Dunbar Cybersecurity analysts use Cyphon as a single platform to collect detailed information from a multitude of sources and provides complete data accessibility.
  • 02 Alert: When alerts are triggered, our analysts dive deeper into the data and view the type of activity encountered, geographic origin and criticality level.
  • 03 Investigate: Dunbar analysts can quickly investigate the issue directly through Cyphon, allowing them to escalate issues and collaborate with other team members.
  • 04 Respond: Cyphon enables Dunbar analysts to annotate alerts with the results of their analysis, building a valuable knowledge base and providing full transparency for your organization.
open source threat intelligence platform benefits


Maximize data coverage

Closes gaps in data management and streamlines work flow

All-in-one solution

Collects data, prioritizes alerts and allows analysts to investigate incidents

Increase analyst efficiency

Complete access to multiple data sources through one platform

Reduce time and energy monitoring networks

Analysts can quickly view alert details and respond directly within Cyphon

Full transparency

Analysts escalate and document results in tickets which are visible to your organization

web monitoring tool enterprise incident management


Cyphon’s open source model allows enterprises to receive, process and triage vast and varied data on a customizable, but central platform.

As an open source project, Cyphon can be downloaded for free and managed by internal security teams or licensed with the support of Dunbar analysts and its 24/7 Security Operations Center.

Features include:

Aggregate data from numerous sources including email, log messages, APIs, social media and more

View notifications in a single pane of glass instead of multiple dashboards

Generate custom alerts with push notifications

View and sort incidents by criticality level

Establish workflow for handling alerts and tracking work performed

Request an assessment

Open Form