Meet CybrIQ at InfoComm 2026 · Booth C5052 · June 13–19 · Las Vegas
RoomIQ · For AV Integrators & Security Teams

Conference-room security at Layer 1.

Every conference room is a network. RoomIQ fingerprints every device behind every codec, switch, display, and wireless presenter, then keeps that picture current as gear gets swapped, added, or unplugged.

RoomIQ visibility overview rolled up across the customer's deployment. Asset stats, host counts, and active network counters across the top. A risk-tier panel splits high, medium, and low across all monitored assets. The asset-distribution panel categorizes devices by type. The Recent Visible Risks panel lists specific devices flagged for review.
The Visibility Gap in the Boardroom

The conference room nobody is measuring.

The codec ships with a Crestron, Extron, Q-SYS, Poly by HP, or Neat partner. The drop sits behind a small unmanaged switch. The wireless presenter, the smart camera, the IoT sensor on the table. All on the same VLAN, none of them on the corporate asset register, and none of them visible to NAC.

What an "all green" control system actually proves.

The control surface says the room is operational. That is not Layer 1 evidence. It tells you nothing about which devices are connected, what those devices really are, or whether anything has changed since the last sweep.

RoomIQ is the layer underneath. Continuous fingerprinting at the wire, validating every device against its known signature, flagging the ones that do not match.

A CybrIQ discovered-assets view filtered to high-risk findings. Five devices flagged: a Wired Keyboard 200 attributed to Microsoft, a Cisco Catalyst 2960 switch, a Raspberry Pi 4 Model B, a Proxycast PocketPort2, and a Packet Squirrel attack tool. The right-hand detail panel shows the Packet Squirrel identified as a known attack tool, with threat and anomaly indicators triggered, plus general details including connection status, vendor, and first/last-seen timestamps.
Real-life Example

A supply-chain implant in a conference camera.

A global enterprise rolled out hundreds of identical conference kits. Paperwork, serials, and images all looked legitimate. CybrIQ flagged one camera whose electrical fingerprint did not match the fleet. It was not a quirk. It was a supply-chain implant built to capture more than meeting minutes.

Without physical-layer validation, the implanted camera would have blended in forever. Every other sensor (paperwork, serial check, software check) cleared the device. Only Layer 1 caught what the others were not designed to see.

A conference room camera; the same one that, in a real customer deployment, was flagged by CybrIQ as a supply-chain implant despite passing every paper, serial, and software check.

Audit-ready evidence, by room, on demand.

The auditor does not want a screenshot of an environmental dashboard. They want a per-device, per-port record they can take at face value. RoomIQ produces it, by room, dated and signed by what was actually on the wire at the time.

HIPAA, PCI, SOC 2, NIST, CMMC. The same evidence answers all of them, because the evidence is the network itself, not a reconstruction of it.

Sample CybrIQ Layer 1 evidence pack: building, floor, device list with Device DNA fingerprints, drift events, and audit-control mappings, signed and time-stamped.
Where Attackers Hide in the Boardroom

Four classes of threat that look exactly like the gear you bought.

If you trust what a device claims to be (its MAC, its driver, its label), you are trusting the attacker. Each of these classes of threat is in field-tested adversary playbooks today.

USB Impostors.

USB devices that pretend to be keyboards or network cards. Plug-and-play means the device is participating before the operator can review it. The OS trusts the descriptor; the descriptor lies.

Tampered AV Devices.

Cameras, microphones, and codecs that have been altered upstream of the room (in transit, in storage, or pre-deployment). Look identical, behave differently. Without an electrical signature, indistinguishable.

Rogue Adapters.

Wireless dongles, video adapters, and network connectors that quietly add an attack surface to a high-trust room. Often introduced by accident; sometimes deliberately. Either way, invisible to NAC.

Hidden Network Gear.

Unmanaged 4-port and 5-port switches stuffed behind the codec to extend connectivity. They create downstream ports nobody on the IT team commissioned. RoomIQ catches the change in the codec's electrical signature first.

How Device DNA™ Works

What the wire actually sees.

Device DNA derives each device's signature from its observable Layer 1 behavior: link negotiation pattern, MAC OUI, traffic timing, the device's response to a small set of standard probes, and the packet-cadence fingerprint produced under load. The signature is rebuilt every time the platform validates a port, which is why a device swap shows as a new signature within seconds.

The signature does not depend on an agent installed on the device. It does not depend on the device self-reporting its identity. It depends on what the wire actually sees when the device is connected. That is why Device DNA catches the cases NAC and EDR miss: an unmanaged switch behind a contractor's drop, an IoT sensor with no agent class, a kiosk that reports as one thing and behaves as another.
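The following sketch is an added illustration, not CybrIQ's code or algorithm. It contrasts an identity check based on what the device claims (its MAC OUI) with a comparison of what a passive capture observes on the port. The attribute names, tolerances, and sample frame timings are assumptions constructed for the example, and it uses only capture-visible attributes, not electrical measurements.

```python
from itertools import accumulate
from statistics import median

def cadence(arrivals_us):
    """Median inter-frame gap and its median absolute deviation, in microseconds."""
    gaps = [b - a for a, b in zip(arrivals_us, arrivals_us[1:])]
    if len(gaps) < 5:
        raise ValueError("too few frames for a stable cadence estimate")
    mid = median(gaps)
    return mid, median(abs(g - mid) for g in gaps)

def signature(mac, link, arrivals_us):
    """Build a per-port record from observed attributes (hypothetical schema)."""
    gap, jitter = cadence(arrivals_us)
    return {"oui": mac.lower()[:8], "link": link, "gap": gap, "jitter": jitter}

def drift(baseline, seen, tol=0.25, floor_us=50):
    """Return the attributes that moved away from the baseline, as one event."""
    reasons = [k for k in ("oui", "link") if baseline[k] != seen[k]]
    for k in ("gap", "jitter"):
        allowed = max(tol * baseline[k], floor_us)  # relative band, absolute floor
        if abs(seen[k] - baseline[k]) > allowed:
            reasons.append(k)
    return reasons

def mac_only_check(baseline, seen):
    """The weak check: trust the identity the device reports."""
    return baseline["oui"] == seen["oui"]

def frames(gaps_us):
    """Turn constructed inter-frame gaps into arrival timestamps."""
    return list(accumulate(gaps_us, initial=0))

# All sample data below is constructed. The MAC is from the RFC 7042
# documentation range, not a real vendor assignment.
MAC = "00:00:5E:00:53:10"
STEADY = [33200, 33400, 33300, 33500, 33100, 33300, 33400]
BASELINE = signature(MAC, "1000/full", frames(STEADY))
REVALIDATED = signature(MAC, "1000/full",
                        frames([33300, 33200, 33400, 33300, 33400, 33200, 33300]))
# Same claimed identity, but extra frames interleaved with the normal stream.
SUSPECT = signature(MAC, "1000/full",
                    frames([33300, 9000, 24300, 33300, 9100, 24200, 33300]))
# Same device and timing, but the port renegotiated to a different link mode.
RENEGOTIATED = signature(MAC, "100/full", frames(STEADY))

if __name__ == "__main__":
    for name, seen in [("revalidated", REVALIDATED), ("suspect", SUSPECT),
                       ("renegotiated", RENEGOTIATED)]:
        print(name, "mac-only ok:", mac_only_check(BASELINE, seen),
              "drift:", drift(BASELINE, seen))
```

The suspect record passes the MAC-only check and still produces a drift event, which is the gap the section describes.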

Deployment is non-invasive. The platform reads from the network without changing how it behaves. RoomIQ ships as a small appliance that lives behind the room's network drop; SpacesIQ extends the same approach across a building's switch fabric. No agent on the endpoint, no rewiring of the room.

What's Inside

The technical layer, kept executive-readable.

Patented Device DNA™

A signature derived from the device's actual Layer 1 behavior, not its self-reported MAC or its label. The signature stays stable when the network does and shifts when the device does.

Continuous validation

Every linked port, every connected device, validated continuously against its known signature. Drift surfaces as a discrete event the operator can act on, not as a stack-trace in a log somewhere.

Per-room evidence pack

A named export, by room, with the device list, the validation record, and the change history. The format the auditor and the CISO can both work from, without translation.

Integrator-ready deployment

Ships as an attached recurring SKU on every Crestron, Extron, Q-SYS, Poly, or Neat install. The integrator owns the room. RoomIQ owns the answer to "is the room secure?"

Outcomes Your Execs Will Care About

Five things that change inside the first quarter.

The activity is detection and validation. The outcomes are what executives sign off on.

Prevent eavesdropping.

In boardrooms and deal rooms. The class of threat that is hardest to discuss publicly is also the easiest to ignore until it happens. RoomIQ removes the assumption that the equipment is what it claims.

Cut risk at the door.

Block unapproved hardware automatically, at the moment it draws a link. Policy is enforced at first contact, not at the next quarterly review.

Shrink incident time.

Precise room, port, and device evidence in seconds. The investigation that used to take a day starts with the document the platform already produced.

Hand auditors proof.

Inventory, policies, events, and exception logs tied to place and owner. The audit team works from the platform's record directly, not from a reconstruction the security team built the night before.

Fit your stack.

Integrates with your SIEM, XDR, NAC, EDR, and ITSM for ticketing and automated response. RoomIQ is additive, not a replacement, and the integration is designed to be the easy part.

How to Start (Fast)

Three steps. A few weeks. Real evidence in hand.

01. Pick three to five high-trust rooms.

Boardroom. Trading floor conference. Operations center. Wherever a single overheard conversation or compromised device would move the company. Start where the stakes are real.

02. Connect RoomIQ to your environment.

The appliance lives behind the room's network drop. No agent on endpoints, no rewiring of the AV gear, no changes to switch configuration. Setup is measured in hours, not weeks.

03. Run a baseline pass and review with your room techs.

The first inventory is the most useful. Walk through it with the integrator that owns the room and the security lead that owns the network. The conversation that follows decides what comes next.

Common Questions

What integrators and CISOs ask on the first call.

How long does deployment actually take?

A working session takes 30 minutes for one room. Continuous operation begins inside week one. The platform is producing audit-ready evidence by month one. The full deployment timeline is on the homepage.

Does RoomIQ replace our NAC or EDR?

No. RoomIQ fills the visibility gap underneath them. NAC sees the corporate VLAN; EDR sees endpoints with an agent. RoomIQ sees what neither was designed to see: the unmanaged gear, contractor laptops, and IoT devices that ship without an agent class.

Is there an agent on the device?

No agent. Device DNA™ is derived from observable Layer 1 behavior: link negotiation, MAC OUI, packet cadence, response shape. The device does not need to cooperate or self-report.

What hardware does the room need?

RoomIQ ships as a small appliance that lives behind the room's network drop. No rewiring of the room, no changes to switch configuration, no impact on the existing AV gear or call quality.

How is RoomIQ priced?

RoomIQ is a per-room recurring SKU, typically attached to integrator deployments alongside any Crestron, Extron, Q-SYS, Poly by HP, or Neat install. Detailed pricing is shared on the demo call once we understand the environment.

How does the integrator-channel motion work?

Integrator partners attach RoomIQ as a recurring line on every room they ship. Pricing is set at the partner level; margin compounds with every room added to the account. We support partners with co-marketing, the CISO-meeting answer, and the deployment artifact.

Bring a conference room. Walk out with the answer.

A 30-minute working session against one of your rooms. By the end of it you will have a Device DNA™ inventory, a continuous-validation report, and a clear answer to whether the room is what the spreadsheet said it was.

Patented Device DNA™ · SOC 2 Type II aligned · NDAA 889 aligned · Engineered for the AV channel