Threat-Informed
Cyber Health.
Cyentrix pulls live threats from the wild — ransomware campaigns, breach patterns, exploited CVEs hitting your region — and maps each one to the controls you need in place. Verify with a tap. Your Cyber Health score compounds as you do the work.
Maps to MITRE ATT&CK · NIST CSF · ISO 27001 · CIS v8 · NIS2.
Inside app.cyentrix.com
The daily loop your team actually does.
A continuous-verification workspace: live threats land in your feed, controls map themselves, every tap moves the score. No quarterly audit cycle — a habit instead.
Daily incident feed
Real incidents from the intel feed filtered to your region. Each row carries an addressed / partial / not-addressed badge based on the controls you’ve verified.
Quick-tap verification
Pass / Partial / Fail / N/A on every control mapped to today’s threats. Notes auto-save. Verify once — the same control updates everywhere on the page.
Cyber Health score
One persistent 0–100 score, severity-weighted, with a 90-day trend. When a new threat reappears sharing controls you’ve already passed, you’re already credited.
No credit card · email magic-link sign-in · upgrade to Advanced or Enterprise when you’re ready.
Audit programs
Run a real audit in under 30 minutes.
Each program tests a focused set of controls. Score yourself, find the gaps, ship the fixes.
Website Defacement Campaign — Control Review
Ongoing pattern of website defacements where attackers replace site content to push a political or trophy message. Implies the targeted CMS / web tier has unpatched vulnerabilities, weak admin credentials, or missing WAF.
Ransomware Incident — Control Review
Confirmed ransomware encryption + extortion event. Calls for the full playbook: MFA on remote access, immutable backups, EDR on every endpoint, network segmentation, PAM and a tested IR playbook.
Database Leak / Unauthorised Data Exposure — Control Review
Attacker dumps or sells a customer database. Implies the data store was accessible from the internet, lacked encryption at rest, or had weak access controls. DLP, classification, encryption and database access auditing close the gap.
Risk scoring
A score you can show the board.
Every audit run produces a weighted risk score, a tier rating, and a list of failed controls with remediation owners. Re-run quarterly to track drift.
- 80–100 Low risk
- 60–79 Medium
- 40–59 High
- 0–39 Critical
Why Cyentrix is different
Built for the way real audits happen.
Threat-first, not framework-first
You audit the threat that's actually relevant to you — not the entire ISO 27001 control set.
MITRE ATT&CK aligned
Every threat is mapped to ATT&CK tactics so your audit speaks the same language as your detection team.
Deterministic, not AI guesswork
Every mapping is rule-based and auditable. No LLM black-box deciding which controls matter — your assessor can see the rule that produced every recommendation.
Re-run as threats evolve
New ransomware variant? Re-run the audit. The threat changes, the controls don't — you just re-score.
Build the daily habit. Watch the score move.
Sign in to app.cyentrix.com with your email — no credit card. The free Core tier covers ~100 baseline controls plus every control mapped to live threats in your region. Upgrade to Advanced when you need the full register.