ZADIG is an advanced Extended Detection and Response (XDR) platform developed by BitCorp.
It combines a modular architecture with proprietary AI models, enabling tailored security across enterprise infrastructures. ZADIG integrates capabilities typical of EDR, SIEM, NDR, IDS/IPS, and SOAR into a cohesive system with multi-layered protection, log aggregation, threat intelligence, and remediation automation.
Modular Architecture
ZADIG is composed of five primary modules, each operable standalone or as part of an XDR suite:
ITD – Intelligent Threat Detector
Function: Behavioral and anomaly-based detection powered by self-learning ML models.
Features:
- AI anomaly detection using proprietary models.
- Continuous monitoring with low false positives.
- Custom model training using client data.
- Scalable performance across environments.
Use Case: Core for threat modeling and predictive defense.
EDR – Endpoint Detection & Response
Function: Monitors and protects endpoints (Windows, macOS, Linux, iOS, Android).
Features:
- Agent-based continuous monitoring.
- Cross-platform support via modular architecture.
- Logs file access, process execution, registry changes.
- Integration with ITD and SOAR for real-time correlation and remediation.
- Supports persistent and non-persistent deployments.
Use Case: First-line defense for endpoints and lateral threat movement detection.
SIEM – Security Information and Event Management
Function: Aggregates and correlates logs across all infrastructure components.
Features:
- Integration with third-party SIEMs and native functions.
- Rule-based and ML-based event correlation.
- Log parsing, BI dashboards, MITRE ATT&CK framework alignment.
- Hot-warm-cold retention policies with OpenSearch/Elasticsearch/Azure support.
Use Case: Central analysis point for threat intelligence and SOC operations.
NDR – Network Detection & Response
Function: Passive probe-based analysis of real-time network traffic.
Features:
- Coverage of both standard and proprietary/OT protocols.
- Guest isolation, network segmentation, and failover routing.
- Integration with EDR and ITD for layered response.
- Post-event forensic analysis via replayable traffic logs.
Use Case: Ideal for environments with unmanaged devices or complex OT layers.
M-IDPS – Modular Intrusion Detection & Prevention System
Function: Deployable IDS/IPS for remote/branch offices and SMEs.
Features:
- Plug-and-play hardware/software stack.
- Zero-knowledge install, AI heuristics, and attack isolation.
- VPN, firewall, DNS/AD-block, and anti-ransomware features.
Use Case: Enables small offices or suppliers to harden perimeters and comply with ISO 27001, NIS2, AgID.
Next-Gen Features
SOAR – Security Orchestration, Automation, and Response
Function: Case and incident management, response playbooks, and automated remediation.
Features:
- Automated triage (phishing, alerts, manual input).
- Remediation playbooks: isolate hosts, disable users, block indicators.
- Metrics (MTTD, MTTR), PDF incident reporting (AAR).
- TI enrichment from multiple providers.
Use Case: Streamlines SOC operations with guided incident lifecycle management.
TEP – Transport Encrypted Protocol
Patent-backed blockchain-based protocol.
Function:
- Mesh network defense with cold/warm communication modes.
- Federated intelligence exchange between installations.
- Immune to DDoS, MITM, spoofing.
Use Case: Cyber-resilient infrastructure for defense, utilities, smart grids.
Deployment & Integration
- Data Ingestion pipeline supports: Syslog, Filebeat, Kafka, Windows Event Collector, NetFlow, DB, CSV, FTP.
- Storage Backends: Elasticsearch, AWS OpenSearch, Azure Log Analytics.
- Management UI: Role-based (Admin, Editor, Viewer) with SSO and MFA (OAuth2, SAML).
- APIs: Full automation support via RESTful interfaces.
- Dashboards: Custom visual panels, alert priority, MITRE tagging.
Differentiators
- AI models trained on client infrastructure (no data exfiltration).
- Behavioral-based detection engine with domain-specific learning.
- High compliance readiness (ISO 27001, NIS2).
- Efficient for both cloud-native and hybrid deployments.
- Fully European-built, sovereign tech with NATO/SAM GOV approval.
Our professionals are at the service of the corporate world and the public administration to help you overcome any obstacles related to the processes of digital transformation and the implementation of adequate security measures against incidents and cyber-attacks.
In the event of an incident, our aim is to assist you in recovering your data, identifying responsibilities, and preserving sources of evidence for possible use in judicial proceedings.
Using the skills acquired during offensive intelligence activities in the service of the institutions, we carry out pentesting, with both automated tools and human activity, delivering truly effective assessments of the security of applications and infrastructure.
BITCORP believes strongly in its technology. Nevertheless, it cannot disregard the human factor. Even the best performing system may have limited effectiveness if it is not paired with security-conscious behavior by the users of the monitored network. That's why BITCORP always accompanies the offer of each product with specific training in cyber security for all its customers, from ordinary people to the most experienced IT managers.