# CloudGuard AI

CloudGuard AI is a hybrid cybersecurity log analysis platform structured into three main operational zones: the Edge Agent at customer sites, the AWS public cloud serving as an internet-facing buffer and application layer, and the HQ private data center functioning as the core environment for search, analytics, storage, and machine learning operations.

### The Challenge

The high cost and complexity of traditional SIEM solutions leave smaller organizations vulnerable to cyber threats.

### Our Solution

An accessible, AI-powered Threat Detection platform. We use lightweight local agents to deliver end-to-end, enterprise-standard security with minimal infrastructure cost.

### Core Architecture

Our hybrid approach ensures that workloads are processed efficiently without overwhelming client networks:

* **Tier 1: Edge Agent** Runs an Isolation Forest model (using Simple One-Hot Encoding for categorization). This provides instant blocking of obvious attacks without causing a performance drop on the host machine.
* **Tier 2: Public Cloud (AWS)** acts as the ingestion buffer, web application entry path, and public-facing API layer. It safely stages telemetry before controlled transfer.
* **Tier 3: HQ Datacenter** The heavy-lifting core utilizing a Deep LSTM-Autoencoder (with Frequency Encoding). This centralized brain is dedicated to detecting "Low and Slow" attacks, Insider Threats, and complex APTs across the organization.