Meet CybrIQ at InfoComm 2026 · Booth C5052 · June 13–19 · Las Vegas · Pre-book a working session →
CybrIQ
Solutions

What CybrIQ sells.

Two products and four services around them. RoomIQ and SpacesIQ produce the underlying Layer 1 record: every device, every port, fingerprinted continuously.

The four services turn that record into specific outcomes. SupportIQ runs the platform on your behalf. ComplianceIQ readies the audit. AdvisoryIQ gives leadership the unified view. NetworkIQ designs the network the platform sits on.

Most customers start with one product and add a service when the work calls for it.

Products

Where the Device DNA™ telemetry comes from. Two product surfaces, one platform underneath.

RoomIQ

Conference-room security at Layer 1.

For AV integrators and security teams who need every device behind the codec accounted for.

  • Device DNA™ fingerprinting for every endpoint behind the room's network drop
  • Continuous validation of cameras, mics, displays, dongles, and USB accessories
  • Per-room audit evidence integrators and CISOs can both sign off on
  • Recurring SKU for every Crestron, Extron, Q-SYS, Poly by HP, or Neat install
RoomIQ details →
SpacesIQ

Building-wide Layer 1 visibility.

If it plugs in anywhere in your building, SpacesIQ knows.

  • Every switch port, every floor across every building in the portfolio
  • Real-time fingerprinting of unmanaged, contractor, and silent devices
  • Single source of truth for what's actually on the network right now
  • Audit-ready evidence for HIPAA, PCI, SOC 2, NIST, and CMMC posture
SpacesIQ details →

Services around the platform

Where customers want CybrIQ run for them, integrated into a compliance program, or extended into broader strategic work. The four services are deliberately scoped so the right one matches the work you actually have.

SupportIQ · Managed Service

24×7 platform support and managed response.

SOC-style operations for the CybrIQ platform: continuous monitoring, alert triage, incident validation, and executive reporting. For customers who want platform value without standing up an internal operations team.

Read SupportIQ details
ComplianceIQ · Audit Support

SOC 2 readiness and audit support.

Guided SOC 2 readiness anchored in CybrIQ's Layer 1 evidence. Program setup, gap analysis, evidence execution, and audit coordination. For customers facing audit deadlines that need real evidence, not reconstruction.

Read ComplianceIQ details
AdvisoryIQ · Strategic Advisory

Strategic security leadership for the executive team.

A unified, business-aligned view of security posture, paired with continuous CybrIQ telemetry. Quarterly executive briefings, board-ready narratives, maturity trajectory. For leaders who need clarity at the top of the conversation.

Read AdvisoryIQ details
NetworkIQ · Architecture & Implementation

Network architecture built for how the business works.

Design and implementation of network environments engineered for performance, resilience, segmentation, and observability. Greenfield or legacy modernization. For customers who need the network underneath to actually align with the work happening on top.

Read NetworkIQ details
Solutions by Audience

The same question, asked in three different vocabularies.

The integrator, the security leader, and the compliance lead each ask one version of what is actually on this network right now? The deep-dives below show how CybrIQ answers it for each, from the same underlying Layer 1 record.

For AV Integrators

A recurring SKU on every Crestron, Extron, Q-SYS, Poly by HP, and Neat install.

The hardware sale is one-time. The relationship is what compounds. RoomIQ is the recurring line you can attach to every Crestron, Extron, Q-SYS, Poly by HP, or Neat room you ship, in a category your customer's CISO already has budget for and a question they are already trying to answer.

It also gives you the answer when the customer's security team comes in asking how the room is secured. That conversation used to stall the project for six weeks. Now it is a short walkthrough and a dated evidence pack signed off by the CISO before the install team has rolled out of the parking lot.

The integrators winning the next decade are the ones who own the room after the hardware ships. RoomIQ is how you do that without becoming a managed-services company.

  • A per-room recurring SKU your sales team quotes alongside every codec, switch, and DSP, with margin you control.
  • Project sign-off in week one instead of week six. The CISO gets the evidence pack before they ask for it.
  • A higher attach rate on every account. Each new room shipped becomes a renewal you can underwrite.
  • A defensible answer when the customer's IT team asks who owns what is plugged into the room.
  • A clean handoff to the CISO without giving up account control or letting the security vendor take over the room.
  • A relationship that compounds. The room you installed last quarter still pays this quarter.
RoomIQ for integrators →
The integrator engagement, Day 0 and Day 365. Day 0 shows a freshly commissioned conference room with codec, displays, and microphones. Day 365 shows a CybrIQ portfolio dashboard for the same partnership: 87 rooms under contract, $348K recurring ARR, per-room validation status, and one drift event live for review. The connection between them is labeled Recurring SKU.

What ships in the first 30 days

Day 1 A quote-ready RoomIQ SKU sheet you can attach to today's open proposals. Per-room pricing, your reseller margin, your branding option.
Week 1 A co-branded CISO answer document. Layer 1 evidence, Device DNA explainer, and a one-page security posture statement signed jointly.
Week 2 Sales-team enablement. A short deck, four customer-facing one-pagers, and a discovery script that opens the room conversation past the hardware list.
Week 3 to 4 A joint pilot in one customer environment. One building or one floor, fully fingerprinted, with a renewal-ready evidence pack handed to the CISO.
Attach
Every room
A recurring SaaS line that compounds across your install base. The portfolio becomes the asset, not the next bid.
Time to CISO yes
5 days
Typical sign-off window with the prebuilt evidence pack. The project no longer pauses on security review.
Account control
Yours
The security conversation runs through you. The customer's CISO talks to your team, not a third-party vendor cutting you out of the room.
For Security Leaders

The Layer 1 inventory the audit, the board, and the network team can all work from.

NAC and EDR see what they can see. They see the corporate VLAN. They see endpoints with agents. The defensible attack surface is bigger than that, and the gap is exactly where the next finding lives. SpacesIQ closes it by treating the wire as the source of truth and producing a continuous record the security team, the auditor, and the network engineer can all work from.

"What is actually on the network right now?" is the question your team gets asked the most and answers the slowest. CybrIQ answers it in seconds, with a document, dated and scoped, that the auditor does not have to interpret.

It also turns the AV and operational-technology surface from a known unknown into a known known. Every conference-room codec, every digital-signage player, every contractor-owned switch, fingerprinted, dated, and governed. The category you stopped getting findings on is the one you can finally close.

  • A continuously maintained Layer 1 inventory, not a quarterly reconstruction. Every device, every port, every change.
  • Drift detection that fires once per real change, not once per log line. Your SOC stops drowning in noise.
  • An export the audit team takes at face value. No reformatting, no translation, no chasing screenshots.
  • Vendor risk you can attest to. Crestron, Poly by HP, Logitech, Cisco, every one mapped to a port and a floor.
  • Findings on AV and operational-technology closed cleanly, with evidence dated to the audit window itself.
  • A board-ready answer to "how many devices do we have?" fresh as of the last polling cycle.
SpacesIQ for security →
Trust me versus show me. The board accepts evidence, not adjectives.

What ships in the first 90 days

Week 1 Initial Layer 1 inventory across the agreed scope. One building, one campus, or one priority floor. Devices, ports, fingerprints, drift baseline.
Month 1 Drift baseline reviewed with your SOC. Alerts tuned to your change-management cadence. Noise reduction measured against your existing NAC signal.
Month 2 Audit evidence pack template, mapped to your active framework. SOC 2, HIPAA, PCI 4.0, NIST CSF, or CMMC. New frameworks on request.
Month 3 Quarterly review cadence and an executive dashboard. Your board sees the same number your SOC sees.
Audit prep window
4 days
Reference Fortune 500 healthcare deployment, anonymized. Six weeks of reconstruction work before CybrIQ. Four days afterwards.
First-sweep finding
312 / 47
Devices found in the initial sweep, and devices missing from the asset register. Same reference engagement.
Inventory freshness
Continuous
The record updates between change events. The answer to "how many devices?" is current as of the last polling cycle, not last quarter.
For Compliance & GRC

Per-device, per-port, per-control evidence. Mapped once, used in every audit.

HIPAA. PCI. SOC 2. NIST CSF. CMMC. Each framework asks a slightly different version of the same underlying question. What is connected to your network, what is it, and how do you know? CybrIQ answers it once, with a continuously maintained Layer 1 record, then lets your GRC team map the same answer into whichever framework the audit is reporting against.

The auditor does not want a screenshot. They want dated, scoped, per-device evidence with a chain of custody. CybrIQ produces exactly that, and it lives one click away from the control it satisfies.

Pair it with ComplianceIQ if you want the readiness program and the audit coordination delivered as an engagement instead of a build-it-yourself exercise. Either path, the same evidence pack.

  • Per-device, per-port, per-floor history the audit takes at face value, not a quarterly reconstruction.
  • Continuous evidence trail, dated and scoped, available on demand. Not retro-built the week before fieldwork starts.
  • Pre-mapped to HIPAA Security Rule, PCI 4.0, SOC 2 (CC, A, P), NIST CSF, and CMMC controls. New frameworks on request.
  • Audit-defensible attestation that beats Excel-and-screenshots by every measure your audit firm cares about.
  • A reduction in external audit hours billed against your account, because the evidence is already structured the way they need it.
  • One source of truth for inside auditors, outside auditors, and regulators looking at the same network.
See ComplianceIQ →
Compliance mapping screen showing HIPAA Security Rule controls with current and review status.

What ships with a ComplianceIQ engagement

Kickoff Initial scoping against your active frameworks. Which controls, which floors, which audit windows. Roles and timelines documented.
Mapping Pre-built control-mapping document delivered as PDF and spreadsheet. Each Layer 1 evidence type linked to the controls it satisfies.
Quarterly A live evidence review with your audit lead. Anything new since last quarter, dated and scoped. Anything stale flagged early.
Audit cycle From auditor kickoff through fieldwork to remediation. Your team is not alone in the room with the audit firm.
Frameworks
5 mapped
HIPAA Security Rule, PCI 4.0, SOC 2, NIST CSF, and CMMC pre-mapped to CybrIQ evidence. Most regulated audits run from this set.
Evidence freshness
24 hours
Maximum age of any item in the audit pack, by design. Compare to monthly screenshot programs that go stale within days.
Standing target
Zero
Layer 1 and inventory findings in subsequent audit cycles after deployment. The commitment we engineer every ComplianceIQ engagement to hit.
Where CybrIQ Fits in Your Stack

What CybrIQ adds that NAC, EDR, and asset managers don't.

CybrIQ does not replace your network access control, endpoint protection, or asset-management tooling. It fills the visibility gap underneath them. The Layer 1 surface those tools were not designed to see.

Capability NAC EDR Asset Mgmt CybrIQ
Sees managed corporate endpoints Yes Yes Yes Yes
Sees unmanaged AV gear behind a room drop No No Partial Yes
Identifies devices that ship without an agent Partial No No Yes
Detects port-level device drift in real time No No No Yes
Produces audit-defensible Layer 1 evidence No No Partial Yes
Continuously validates device against its signature No No No Yes

Pick the entry point that matches the work in front of you.

Most customers start with one product or service. The portfolio is designed so the second engagement compounds with the first instead of starting over.

Book a Working Session Read the Briefs
Patented Device DNA™ SOC 2 Type II aligned NDAA 889 aligned Engineered for the AV channel InfoComm 2026 · Booth C5052