SAPIEN Platform

CYBERSECURITY SOLUTION FOR IT, OT & IoT NETWORKS

THREAT MANAGEMENT Solution

Protecting your OT, IT and IoT networks can be achieved by deploying the Sapien Platform. Once installed, the system acquires a mirror of the network traffic and automatically produces alerts for any detected threats and network anomalies.

The platform provides a complete suite of tools for analysts to perform deep packet inspection in order to determine the extent of any malicious activity, and our experts produce recommended steps to protect the network.

OUR WORKFLOW KEEPS YOU IN THE KNOW

Live network traffic is ingested through the Acquisition Sensor for pre-processing and threat detection.

The Control System automatically analyses anomalies and correlates alerts across the multiple sensor technologies and system logs ingested.

Alerts are combined with threat intelligence within the Command Centre and manually investigated to determine the optimised response to the threat.

Threat assessment and remediation reporting provide complete situational awareness on any anomalies, vulnerabilities, threats and attacks.

Sapien Technology WORKS to Improve your security posture

The Sapien Difference

  • Monitors OSI layer 2 traffic and above
  • Operates with nanosecond precision
  • Implements Machine Learning algorithms to identify zero-day attacks
  • Delivers a fully managed service with industry-experienced Security Analysts providing actionable threat intelligence

The Sapien Platform ingests Layer 2 network traffic from your network and processes the data in parallel through multiple threat detection engines and machine learning modules.

The engines look for attacks by searching and investigating the network traffic data for specific patterns such as unique sequences of data.

The outcomes from all engines are then correlated to deliver a tuned response that reduces the number of false positives and speeds up the investigation process by allowing analysts to prioritise the most important events for each client.

Discovery

The system uses innovative passive detection technology to continuously and automatically identify devices throughout the network and capture information such as IP Address, MAC Address, device manufacturer and device type.

This also identifies unmanaged devices that may only be briefly connected to the network. By using passive techniques, the client is assured that no devices are disturbed in any way during the interception of data.

Detection

The technology simultaneously analyses network traffic with sensors that use different detection algorithms to achieve a high detection rate and low false-positive rate.

Any alerts that are detected by the sensors are automatically correlated and pre-processed to create a case that is investigated by an experienced security analyst.

Once the investigation is completed, the tailored threat response recommendations are provided to the client for further action through the intuitive client interface.

RESPONSE

The Sapien Security Operating Centre (SOC) comprises a team of practitioners experienced in cybersecurity and industry systems who provide continuous network visibility and contextualised, actionable alerts to rapidly prioritize, investigate and remediate threats across your entire network.

MACHINE LEARNING

  • Detect Unknown Unknowns
  • Defense Against Zero-Days
  • Proprietary Sapien Machine Learning Algorithms

The Sapien Threat Detection Machine Learning uses a combination of clustering, time series decomposition, Bayesian distribution modelling, and correlation analysis algorithms to identify anomalies in features provided to the algorithm.

These features are selected based on the question the expert is asking of the data.

When deviations in values occur according to our proprietary algorithms, alerts are raised. 

These alerts are then correlated with signature alerts from our sensors to eliminate known-known anomalies.

The remaining alerts are then investigated by an analyst using the protocol level dashboards and deemed benign or raised as a true anomaly.

By feeding this associated information to the Machine Learning (ML) component, a zero-day attack can be detected.
