Score vulnerabilities, model risk, map your controls to a framework and check where you stand against ISO, NIST and privacy law. The governance and compliance side of the work.
Score a vulnerability with the CVSS v3.1 base, temporal and environmental metrics and read the severity.
Score a vulnerability with the official CVSS v4.0 metrics and get the score and severity from a vetted engine.
Plot likelihood against impact on a five by five matrix and build a ranked risk register you can export.
Browse all 93 Annex A controls from ISO 27001:2022 and track your statement of applicability.
Work through the six functions and 22 categories of the NIST Cybersecurity Framework 2.0 and profile your tiers.
Cross map NIST CSF 2.0 and ISO 27001:2022 controls to see where the two frameworks line up.
Check your readiness against GDPR and the India DPDP rules with a scored, exportable checklist.
Generate a password policy aligned to current NIST SP 800-63B guidance, ready to drop into a document.
Assemble policy documents from selectable templates with ISO and NIST alignment notes.
Run a guided risk assessment across your environment and surface the gaps that matter most.
Model threats against a system using the STRIDE categories and capture a mitigation for each one.
Check your cloud setup against a practical security baseline across identity, network and data.
Estimate the financial impact of a security incident from downtime, response and recovery costs.
Test and reinforce staff security awareness with a quick interactive quiz.
Framework references track the published standards, including NIST CSF 2.0 and ISO 27001:2022. Last reviewed June 2026.
Free for learners. Tell us who you are once and every tool opens after that. It helps us keep the tools working and build what you actually need.
One time only. We never sell your data.
