Platform Overview

Take control of your Cyber Risk…

and build a more secure organisation in 2024.

Get an industry leading comparative cyber security risk assessment quickly.

Cyber Tzar enables you to access and manage one of the most critical issues to your organisation, cyber risk, as highlighted by Gartner. Cyber Tzar is a Cyber Risk Management Platform that enables you to identify, manage, evaluate and action cyber threats in a timely manner. Cyber Tzar help manage the cyber security skills gap for business owners, risk managers, information security professionals, and developers by delivering automated tools and easy to consume information that democratise cyber security.

The Uniques of Our Platform Capabilities

The Cyber Tzar platform combines: 

– Inside-out and outside-in approaches
-1st and 3rd party supply chain management
-Empirical quantifiable data and qualitative/questionnaire evidence

MULTI-TIER

Empirical, timely and consistent visibility of both an organisation and its end-to-end network of software/SaaS/shadow IT and physical suppliers.

CYBER RISK BENCHMARKING AT SCALE

Benchmark organisations by size, sector and geography, or across a customised list of selected specific organisations.

The Uniques of Our Platform Capabilities

Cast a Wide Net

  • Quantitative data captured at source
  • Tactics, techniques, procedures taken from pen testing
  • Combines multiple sources and taxonomies of vulnerability data
  • Parses them through risk frameworks via threat intelligence

Scalable Cloud Portability

  • UK cloud-hosted, meets ICO and GDPR data requirements
  • can be deployed rapidly to public or private clouds
  • Uses standardised building blocks
  • Scales horizontally to perform hundreds of thousands of scans concurrently

Framework Informed Intelligence

  • Delivers NIS 2 guidance focusing on genuine risk posture, not just checking certification
  • All vulnerabilities identified by NIST, MITRE ATT&CK, OWASP Top Ten, CWE, and WASC

Secure by Design

  • Architecture is based upon the National Cyber Security Centre and Government Digital Services patterns and design principles
  • Reviewed by NCSC Security Architecture Team the during the NCSC For Startups programme.

Our Design Principles

Our Platform

Our Cyber Security Risk Management Platform

Industry leading Cyber Essentials insights, analysis, and intelligence using a range of tools that involve genuine vulnerability scanning and risk assessment to give a quick, comparative cyber security risk position.

Cyber Tzar features include:

  • Security led innovation – We use the OWASP Zap framework. This is easily the current “best in class” automated penetration test that is available today

  • Comprehensive Testing – We use other best in class tools to provide: subdomain discovery, SSL certificate health checks, and port vulnerability scanning

  • Standards Compliant – Our outputs are rigorously mapped to, and include reporting in, OWASP Zap Top Ten (2021), the MITRE Framework, and the NIST Framework

  • Security with DevOps – We provide an API interface so that you can easily combine and integrate security testing, engineering, and remediation into the software development life-cycle (“SDLC”)

  • Track change over time – We provide a full range of analytic graphs and ways for you to view your data. Changes over time allow you to understand how you are improving as well as the changes in vulnerabilities

  • Scan your APIs too – As well as scanning your websites for code and configuration issues our platform can also check your APIs for security vulnerabilities

Commercial Model

  • One-off assessment or annual plan with monthly/weekly assessments
  • Partner Program for risk assessments and benchmarks as either Recommender or Reseller