Cyber Horizon
The platform

One platform for GRC and security.

Compliance automation, risk quantification, integrations, incident response and threat intelligence — working from one shared evidence trail, built for CISOs and the teams behind them.

Book a Demo View Pricing

Compliance Centre

Every control tracked to evidence.

Work the full ISO 27001 Annex A control set — and 71 more frameworks — with live implementation status across Organisational, People, Physical and Technological domains, plus search, filtering and one-click export.

  • All 93 ISO 27001 Annex A controls
  • Live status: implemented, partial, in progress
  • Categorised and searchable
  • One-click audit-pack export
app.cyberhorizon.co/compliance/iso-27001
ISO/IEC 27001:2022
Information Security Management · 93 Annex A controls
0%
0/93 implemented
93
Not Implemented
0
In Progress
0
Partial
0
Implemented
0
N/A
  • A.5.1Not Implemented
    Policies for information security
    A.5 Organizational controls · Organizational
  • A.5.2Not Implemented
    Information security roles and responsibilities
    A.5 Organizational controls · Organizational
  • A.5.3Not Implemented
    Segregation of duties
    A.5 Organizational controls · Organizational

Risk Register

Enterprise risk, with a number on it.

Track every risk by severity and status, see total financial exposure at a glance, and hold owners accountable across corporate and departmental registers.

  • Total exposure quantified in £
  • Severity & status on every risk
  • Owner accountability
  • Corporate and departmental registers
app.cyberhorizon.co/risk-register
Risk Register
Enterprise risk visibility and accountability
5
Total Risks
5
Open Risks
4
High/Critical
£3,575,000
Total Exposure
  • CriticalOpenCompliance
    Geo-Fencing implementation
    £2,000 ×5 = £10,000
  • CriticalOpenCyber
    Ransomware attack on production infrastructure
    LockBit 3.0 / Akira · CVE-2024-21887

Integrations

Continuous posture monitoring.

Connect cloud, identity, endpoint, vulnerability, DevOps and HR tools across 23 integrations — each running dozens of automated security checks against your live environment.

  • 23 integrations across 7 categories
  • AWS 30+ and Azure 60+ automated checks
  • Failing checks surfaced in real time
  • One-click connect
app.cyberhorizon.co/integrations
Integrations
Continuous security posture monitoring
1
Connected
3
Checks
0
Failing
All 1/16Cloud 3Identity 2Endpoint & Vuln 5DevOps 1/3HR & Workflow 2
  • Amazon Web ServicesNot connected
    30+ checks: IAM, S3, CloudTrail, GuardDuty, EC2, RDS, Lambda, EKS, KMS
    + Connect
  • Microsoft AzureNot connected
    60+ checks: NSGs, VMs, SQL, AKS, Storage, Defender for Cloud
    + Connect
  • Google Cloud PlatformNot connected
    IAM, Compute, Cloud SQL, GKE, Storage, Firewall rules, audit logging
    + Connect

Incident Response

Triage and resolve, end to end.

Run cases aligned to NIST IR / ISO 27035 with AI incident insights, severity and ownership tracking — from first alert through to resolution and lessons learned.

  • Case management with AI insights
  • Severity, owner and ageing tracking
  • Aligned to NIST IR / ISO 27035
  • Linked to your evidence trail
app.cyberhorizon.co/incident-response
Incident Response
Track, triage and resolve incidents — NIST IR / ISO 27035
2
Open Cases
0
Critical
0
On Hold
2
Resolved / Closed
  • resolvedMediumSev · Medium
    Brute force attack on admin portal
    Platform Team · Opened 03/05/2026
  • in_progressHighSev · High
    Phishing campaign targeting finance team
    SOC Team · Opened 03/05/2026

Threat Intelligence

See the threat before it lands.

A live threat feed and IOC reference mapped to MITRE ATT&CK — each entry carries technical detail and recommended actions you can push straight into an incident.

  • Live CVE & IOC feed, CISA KEV enriched
  • 25 threat actors mapped to MITRE ATT&CK
  • Recommended remediation actions
  • One-click “add to incident”
app.cyberhorizon.co/threat-intelligence
Threat Feed 11IOC Reference 48
CRITICAL

Check Point Security Gateway authentication bypass permits remote admin access

CVE-2026-50751 was added to CISA KEV on 2026-06-08 and is under active exploitation — unauthenticated attackers can reach the gateway's management interface and deploy malicious policies.

cveCritical InfrastructureFinancial ServicesHealthcareCVE-2026-50751
HIGHIOC 185.220.101.x · Cobalt Strike C2 beacon
live

// Built on one foundation

Why it all works together.

Every module reads and writes from the same data model — so evidence collected once counts everywhere.

One data model

Controls, evidence, risks, vendors and incidents share a single source of truth — no silos, no re-keying.

Automation everywhere

Evidence collection, control monitoring and reporting run continuously in the background.

Open & integrated

Connect your cloud, identity and ticketing stack — plus a REST API and webhooks to build your own.

Core platform from day one

Risk, compliance, vendor risk, threat intelligence and AI on your first plan — with the Trust Center, deployment controls and SSO as you scale.

See the whole platform in action.

Book a 30-minute walkthrough and we'll set up your first framework with you.

Book a Demo View Plans & Pricing