Overview

KYRA AI MDR is an enterprise Managed Detection & Response (MDR) SaaS platform that provides comprehensive cybersecurity monitoring, threat detection, and incident response capabilities for organizations of all sizes.

Key Capabilities

  • Real-time Threat Detection: AI-powered analysis using Claude for automated threat classification and prioritization
  • Multi-tenant Architecture: Secure data isolation between organizations with role-based access control and single sign-on
  • Scalable Event Processing: High-throughput ingestion pipeline that sustains thousands of events per second per tenant
  • AI-Powered Analysis: Specialized AI agents for automated alert triage (99% false positive filtering), incident investigation, and proactive threat hunting
  • Enterprise Integration: 36+ native connectors for leading SIEM, SOAR, EDR, and security tools
  • Threat Intelligence: 27+ integrated feeds collecting 50,000+ IOCs with automated correlation
  • SOAR Playbooks: Automated response workflows with trigger conditions and multi-step execution

Platform Components

Core Platform

  • Management Console: Unified SOC dashboard with 27+ feature pages — alert management, incident response, analyst workbench, playbooks, compliance tracking, threat intelligence, MITRE ATT&CK matrix, investigation graphs, and executive reporting
  • API Gateway: Spring Boot microservice handling all console API requests with JWT auth, tenant isolation, and rate limiting
  • Ingestion Gateway: Secure event collection endpoint with quota enforcement, rate limiting, and multi-tenant isolation (REST + gRPC)
  • Analytics Engine: Real-time and historical analytics for security metrics, trend analysis, MTTD/MTTR, and operational intelligence
  • AI Agent Core: LangChain4j + Claude integration for threat classification, investigation assistance, and content generation

Data Collection

  • Log Collector: Lightweight on-premises Rust agent for private network environments — collects, filters, normalizes, and securely forwards security telemetry
  • Cloud Sensors: Cloud-native sensors for AWS, GCP, Azure, and NCP environments using traffic mirroring APIs
  • Network Detection (NDR): Built-in network traffic analysis with deep packet inspection, flow tracking, and behavioral baselining
  • EDR Agent: Endpoint detection and response agent for host-level monitoring

Console Features (27+ pages)

| Group | Features |
|---|---|
| Overview | Dashboard, SOC Metrics, AI Analysis |
| Detection & Response | Detections, Incidents, Analyst Workbench, Playbooks |
| Investigation | Log Search, Network Logs, Timeline, Investigation Graph |
| Threat Intelligence | Threat Intel (27+ feeds), Risk Intelligence, Detection Rules, MITRE ATT&CK |
| Infrastructure | Assets, Subdomains (EASM), Connectors (36+), Collectors |
| Compliance | Compliance (9 frameworks), Identities, Privacy/DSR |
| Management | Reports, Audit Logs, Notifications, Billing, Settings |

Security & Compliance

  • Multi-factor Authentication: Enterprise-grade authentication with SSO support (Okta, Azure AD, Google)
  • Role-based Access Control: Granular permission management with Admin, Analyst, and Viewer roles
  • Data Encryption: End-to-end encryption for all data at rest and in transit
  • Compliance Frameworks: ISMS-P, ISO 27001, SOC 2, PCI-DSS, TISAX, CMMC, GDPR, CCPA, NIST CSF

Service Tiers

| Tier | Pricing | Target Market | Key Capabilities |
|---|---|---|---|
| Detect (Free) | $0/mo | Small (1-30 employees) | Security posture check, basic monitoring, log search, dashboard |
| Respond (MDR) | $230/mo | SMB (10-100 employees) | 24/7 AI detection, auto-response, incidents, playbooks, threat intel, 500 EPS, 90-day retention |
| Hunt (Pro) | $600/mo | Mid-market (30-300 employees) | Full MDR + compliance (ISMS-P + SOC 2), identities, EDR actions, 2,000 EPS |
| Custom | Negotiated | Enterprise (300+) | Unlimited EPS, on-site support, custom playbooks, multi-framework compliance |

View detailed service tier comparison

Technology Stack

| Layer | Technology |
|---|---|
| Frontend | Next.js 15, React 19, Tailwind CSS, shadcn/ui, TanStack Query, next-intl (en/ko/ja) |
| Backend | Spring Boot 3 (Java 21), JPA/Hibernate, PostgreSQL |
| AI Engine | LangChain4j + Claude (fallback: keyword heuristics) |
| Data Pipeline | Kafka, ClickHouse, OpenSearch, Redis |
| Collector | Rust (lightweight, cross-platform) |
| Infrastructure | Docker, Nginx, Let’s Encrypt |

Getting Started

  1. Quick Start Guide — Get up and running in 10 minutes
  2. Platform Architecture — Understand how the platform protects your organization
  3. Management Console — Explore the SOC dashboard features
  4. Service Tiers — Choose the right service level for your needs
  5. Deployment Options — Deploy KYRA MDR in your environment
  6. Console API — Integrate with existing tools and workflows

Support