FAQ
1. How does Cyprob EE reduce false positives?
Cyprob EE prioritizes evidence-backed findings and service-context-aware selection instead of running every check everywhere. In practice, this reduces analyst noise and shortens validation loops.
2. Is Cyprob EE usable in air-gapped environments?
Yes, with an offline artifact transfer and controlled update workflow. Air-gapped operation still requires periodic, controlled feed/update import.
3. Can it scale without redesigning the platform?
Yes. The model is built around distributed worker capacity expansion, especially in HA-Lite mode. Scale is primarily additive via worker replicas.
4. Is installation complex for first-time evaluation?
For POC/demo, it is designed to be straightforward with a guided setup path. Production deployments require standard infrastructure controls (networking, secrets, backup, operational ownership).
5. Do you support multi-tenant operations?
Yes. The platform model includes organization-scoped operations, role-based access controls, and auditability expectations for enterprise and MSSP use.
6. What authentication and session controls exist?
Login, refresh, logout, and session lifecycle endpoints are available. Production hardening should enforce strong credential policy, token/session governance, and access reviews.
7. How are secrets managed?
Vault-based secret integration is supported and recommended for production. The static KV secret model is production-ready; dynamic DB credentials are optional for stricter environments.
8. Does Cyprob EE currently execute Wasm plugins in the production path?
The current implementation is YAML-centric for active plugin execution. Wasm sandbox execution is positioned as a target architecture direction and should be communicated accordingly.
9. What happens if the license expires?
Operational policy should follow your licensing agreement. In current product messaging, expired licenses are expected to move to restricted/read-only behavior rather than immediate destructive lockout.
10. What is the best POC success criterion?
One repeatable scan-to-report cycle with defensible findings, validated by both security and infrastructure stakeholders, plus a clear production rollout recommendation.
Next Action
If objections are resolved, proceed to production planning with deployment mode choice, ownership mapping, and phased rollout scope.