NICANOR — Command. Protect. Prevail.

Enterprise-grade SOC/XDR platform unifying SD-WAN, EDR, AI-driven threat analysis, and automated incident response into a single self-hosted command center. Built MikroTik-native for MSPs and multi-site organizations.

Request Demo View Platform
9
Core Modules
AI
Threat Engine
100%
Self-Hosted
RBAC
Multi-Tenant
// Interface Preview

Platform Overview

Click any screenshot to expand full-resolution view.

Main Dashboard
Main Dashboard // Fleet & Health 01
SOC Dashboard
SOC Dashboard // Event Pipeline 02
EDR Incidents
EDR Incidents // Severity Triage 03
AI Deep Investigation
AI Deep Investigation // Incident Analysis 04
// Capabilities

Core Modules

Nine integrated modules delivering complete network defense, from edge to endpoint.

01

SD-WAN Management

Centralized control over MikroTik routers across all sites. Auto-discovery, firmware management, VPN tunnel orchestration, QoS policies, and real-time topology mapping with failover automation.

02

EDR — Endpoint Detection

Agent-based endpoint monitoring across Windows, Linux, and macOS. Behavioral analysis, file integrity monitoring, process tracking, and automated containment with one-click isolation of compromised hosts.

03

SOC — Security Operations

Unified security dashboard aggregating events from routers, endpoints, and network sensors. Incident pipeline with severity classification, assignment workflow, escalation rules, and full audit trail.

04

AI Threat Analysis

Multi-model AI engine (Claude, ChatGPT, Ollama) for deep investigation of security incidents. Automated root cause analysis, IOC extraction, MITRE ATT&CK mapping, and natural-language investigation reports.

05

Attack Path Simulation

Continuous security posture assessment with router hardening scores, vulnerability scanning, and attack path visualization. Identifies misconfigurations and weak points before adversaries exploit them.

06

SOAR — Automated Response

Playbook-driven automation engine for incident response. Auto-block IPs, isolate endpoints, revoke access, trigger firewall rules, and execute multi-step remediation without human intervention.

07

WAF & IDS

Web Application Firewall and Intrusion Detection integrated natively with MikroTik. Layer-7 inspection, signature-based and anomaly detection, DDoS mitigation, and traffic shaping at the network edge.

08

Digital Forensics

Full packet capture, session reconstruction, and evidence preservation for post-incident analysis. Timeline-based investigation with log correlation across routers, endpoints, and network flows.

09

Risk Scoring & Compliance

Continuous risk assessment across all network assets. Per-router and per-endpoint security scores with automated compliance reporting, trend analysis, and executive dashboards.

// Deployment

Deployment Options

Infrastructure that fits your operation.

Self-Hosted

Full on-premise deployment. Your data stays on your infrastructure. Complete control with Docker-based installation.

MSP Multi-Tenant

Serve multiple clients from a single instance with full RBAC isolation. Per-tenant branding, billing, and dashboards.

Enterprise

Multi-site deployment with centralized management. HA clustering, geo-distributed nodes, and custom SLA agreements.

Ready to Deploy NICANOR?

Unified cybersecurity command — from router hardening to incident response, powered by AI.

Request Demo