Yes, Agger is designed to support legacy systems, including Windows XP, Linux, Unix, and macOS environments. Custom agents can also be developed for specific needs.

Yes, Agger can be installed in fully isolated networks, whether on-premise or in private clouds, ensuring protection even in highly confidential environments.

Agger’s average response time is zero seconds, thanks to its ability to automatically apply predefined and customized rules as soon as an anomaly is detected.

Yes, the platform is developed in line with major regulations such as ISO/IEC 27001 and meets the requirements of ACN, NIS2, and DORA.

Agger natively integrates capabilities that in traditional SOCs require multiple tools: detection, correlation, endpoint security, and automated reaction—significantly reducing integration time and costs.

Agger is built to protect both IT and OT environments, actively monitoring industrial devices, PLCs, and agentless equipment, even when using proprietary protocols.

No, Agger can operate autonomously or integrate with an existing SOC. The platform is designed to minimize dependency on expert operators through intelligent automation.

Yes, with its AI engine and behavioral monitoring, Agger detects anomalous activity even if not yet classified as malware by traditional antivirus tools.

Installation is modular: it includes agents on endpoints, physical or virtual probes—active or passive—on the network, and central servers for coordination.

Absolutely. Agger is designed to operate in critical sectors such as healthcare, maritime, and industrial settings, ensuring operational continuity without disrupting services.

Agger can isolate the device, apply automatic containment rules, and, if configured, restore the pre-attack state to ensure business continuity.

Yes, the platform supports on-premise, private cloud, public cloud, or hybrid deployments.

Agger is highly scalable thanks to its modular architecture and multi-tenant support, making it suitable for SMEs to large industrial groups.

Detection rules are updated centrally by the Gyala team but can also be customized by the client or system integrator partners based on specific requirements.

Agger builds dynamic models of normal process and device behavior, automatically identifying any significant deviation as a potential threat.

Agger decodes hundreds of standard OT protocols (S7, DNP3, Modbus, Profinet, etc.) and can be extended with plugins for proprietary custom protocols.

Yes, Agger records and stores all event and incident logs in a readable and interoperable format, making them available for post-attack investigations.

Yes, the platform offers risk management tools, traceability, reporting, and integration with audit systems to support compliance efforts.

No, Agger can be installed on existing physical or virtualized servers, or cloud infrastructures, depending on your needs.

All communications between agents, probes, consoles, and servers are encrypted and digitally signed to prevent tampering or interception.

Yes, you can request a personalized demo by contacting our sales team or filling out the form on our website.

Agger can fully automate the identification, correlation, reaction, and management of incidents, limiting human intervention to post-event analysis.

Agger is not an antivirus—it’s a far more sophisticated system. It can replace or enhance endpoint protection solutions with advanced detection and automatic response capabilities.

Agger manages data in accordance with GDPR, with differentiated access controls for operators and administrators, access tracking, and operator activity logs visible to a dedicated auditor profile.

Gyala offers continuous support with customizable SLAs, training, updates, and assistance for customers or their system integrators.

Yes, Agger is already deployed in sectors such as defense, healthcare, energy, and utilities, and is designed for high-criticality scenarios.

Yes, Agger’s network behavior analysis module enables logical network segmentation, detects suspicious lateral movements or unauthorized traffic, and allows automatic reactions at both network and host levels.

Our technical and sales teams are available for a free consultation to evaluate how well Agger fits your infrastructure and needs.

Agger goes beyond OT traffic analysis: it can directly interact with OT systems such as PLCs, RTUs, and electronic boards where software agents cannot be installed. It also protects OT endpoints like HMIs and SCADA servers, correlates automation logs at the application level, and executes automatic responses—offering full IT and OT protection without relying on external SOCs, SIEMs, or SOARs.

Yes, Agger offers a more flexible and holistic approach through native integration of endpoints, network probes, and OT defense systems—delivering detection, response, risk management, and OT defense in one modular, fully customizable Italian platform.

Unlike classic SOARs that require central log collection in a SIEM, Agger brings playbooks directly to the endpoints, allowing broader event analysis and faster response. A second level of centralized correlation then applies infrastructure-wide playbooks—such as reacting on an endpoint in response to a network event.

Agger doesn’t just collect and correlate logs—it reacts automatically to events by applying customizable rules. It’s an active system, not just an analysis tool.

Agger combines behavioral AI algorithms with deep operational awareness of IT and OT contexts. This allows it not only to flag anomalies but to take immediate, predefined actions that replicate expert responses—faster and across the entire infrastructure—reducing exposure and impact.

Exactly. Agger was built to close this gap. It’s a full-stack platform for hybrid IT/OT environments, capable of securing legacy systems, SCADA, CNC machines, critical infrastructure, and traditional enterprise networks.

Agger was born from real operational needs in the Defense sector and is already in use by major industrial groups, hospitals, utilities, banks, and enterprises. Beyond its technical quality, it offers strategic advantages: digital sovereignty, local support, and greater flexibility and responsiveness.