CyberScore, your comprehensive security assessment tool for Windows and Mac. CyberScore is meticulously designed to analyse key security measures on your device, delivering critical insights and recommendations to bolster your system's security.

Using CyberScore After Installation

The video (above) demonstrates how to use CyberScore once you have downloaded and installed it from the Microsoft App Store.

Key Hardening Features

• Application Whitelisting: Guarantee that only trusted applications operate on your system, covering everything from executables to AppX and Windows installers.
• Office Macro Security: Protect your Microsoft Office environment by allowing only verified macros, reducing the risk of malware.
• PowerShell Security: Implement stringent PowerShell policies to block unauthorised scripts.
• User Application Settings: Strengthen security across user applications on Windows and macOS (including browsers like Internet Explorer, Chrome, and Edge). Enhance browsing security by disabling risky features and enabling protective settings.
• Backup and Recovery: Create system restore points and backups for quick recovery and system integrity.

Undo Functionality

CyberScore’s undo feature allows you to revert settings to their original state, offering flexibility and peace of mind. This is crucial for testing security settings and swiftly restoring functionality after trials.

1-Click Hardening & Undo

The video (above) showcases how you can use a license key to automatically harden the machine in line with the ACSC’s Essential 8 in 1-click, as well as undo the hardening in 1 click.

Why Choose CyberScore?

Compliance with Standards: CyberScore is designed to meet stringent requirements, including ACSC’s Essential 8 and DORA, providing a robust foundation for your cybersecurity strategy.

Comprehensive Reports: Each test is accompanied by a detailed report scoring your current settings and offering specific advice on enhancements.

Real-Time Adjustments: Continuously update and refine your security settings in real-time to stay aligned with the latest threat landscape.

Discover What CyberScore Offers

Dynamic Testing & Evaluation: Experience a series of robust tests that assess the efficacy of your security measures. CyberScore’s detailed HTML reports provide clear, actionable insights to help you understand and enhance your security posture.

Key Reporting Features

• Assessment Progress Visualisation: Monitor the effectiveness of crucial security implementations such as whitelisting with real-time progress gauges.
• Robust Application Control Tests: Determine resilience of your application security controls. Our tests reveal potential execution of unwanted software, accompanied by detailed reports for each test file.
• Office Macro & Script Protections: Ensure only digitally signed Office macros run on your system, blocking malicious scripts and unauthorised executions.
• Comprehensive Backup & User Privilege Assessments: Evaluate your backup strategies and user privileges to minimise administrative risks.
• Network & File Sharing Security: Analyse file share and network settings for vulnerabilities, mitigating unauthorised access and data breaches.
• Web Content Control: CyberScore’s content control assessment ensures a secure and compliant browsing experience for workplace or family settings.

TerraView Essential 8: Comprehensive Essential 8, System Health & Security Monitoring

Overview: TerraView Essentials is a powerful and user-friendly system health and security monitoring tool designed for enterprise-level management and oversight of Windows systems. It offers comprehensive Essential 8 reporting, system diagnostics, automated security checks, malware testing, and centralised reporting for IT professionals, system administrators, and security teams.

For quick and easy 1-click Essential 8 hardening, simply run /harden on the command line!

Key Features

• Automated System Health Checks: Hardware diagnostics, disk space analysis, and disk encryption status to maintain operational readiness.
• Comprehensive Security Audits: Checks OS patches, antivirus status, firewall configs, office macro settings, application security, and user accounts.
• Malware Detection (Optional): Test your antivirus effectiveness with a benign malware signature.
• License Management: Ensures only authorised users can access the system, halting if an invalid/expired license is detected.
• Configurable Centralised Reporting: Securely upload system check results to a remote server for aggregated fleet visibility.
• Encrypted Configuration Files: Credentials and server details are stored with AES-256 encryption in config.bin.
• Retry Mechanism: Intelligent exponential backoff for connection attempts, avoiding network overload during downtime.
• Extensive Report Generation: Outputs both JSON and HTML reports for easy local review and centralised access.
• PowerShell Script Management: Ensures script execution is securely managed, preventing unauthorised scripts.

Customisable Execution

TerraView Essentials supports multiple command-line flags:

• License Key: Provide your license key for authentication.
• Centralised Reporting: Provide server credentials to upload reports for remote viewing.
• Malware Test Flag: Use /m to test malware detection capabilities.

Usage Scenarios

• ACSC Essential 8 Reporting: Monitor essential 8 compliance on standalone or aggregated systems.
• Enterprise System Monitoring: Ideal for IT departments managing multiple Windows systems.
• Security Compliance Audits: Periodic checks to ensure compliance with internal policies and industry standards.
• Malware Response Validation: Validate antivirus configuration with optional malware tests.
• Remote Management: Centrally upload reports for distributed system oversight.

Getting Started with TerraView Essentials

1. Download & Install: Deploy on the Windows systems you wish to monitor.
2. Run System Checks: Execute with a valid license key for a full system audit.
3. Configure Centralised Reporting (Optional): Supply server credentials for aggregated reporting.
4. Malware Testing (Optional): Add /m to validate antivirus detection.
5. View Reports: Inspect results locally or on the central dashboard (system health, vulnerabilities, compliance).

Security-First Approach

TerraView Essentials adheres to strict security protocols. Data, configuration files, and reports are securely handled using modern encryption. Only authorised users can modify settings, making it a trusted tool for environments where security and compliance are paramount.

GetaSploit Exploit to Vulnerability Correlation

Don't focus on vulnerabilities alone—let GetaSploit handle the triage. It correlates vulnerabilities with actual exploits, providing source code for each exploit. This enables **patching based on exploitability**, and allows you to test if vendor patches truly address the exploits.

• Correlates vulnerabilities with exploits to prioritise critical patches.
• Ensures security teams focus on already weaponised or likely-to-be-exploited issues first.
• Proactively reduces risk of security breaches by targeting the most urgent vulnerabilities.

In summary, GetaSploit empowers your patch management by focusing on **real-world exploits** rather than just theoretical vulnerabilities.

Automated Web Security Scanning

Our sophisticated automated web security scanning ensures your web applications remain fortified. Think of it as a vigilant guard, continuously patrolling for potential vulnerabilities:

• Comprehensive Analysis: Identifies both overt and subtle application weaknesses.
• Proactive Security: Detect and address potential threats before exploitation.
• Time Efficiency & Consistent Monitoring: Automated scans guarantee consistent coverage as applications evolve.

This proactive approach ensures that your digital assets remain secure, reliable, and trustworthy.

Automated BlackBox Discovery and Enumeration

Our automated enumeration process is the essential catalog for your network environment, ensuring no device or service goes unnoticed. Key benefits include:

• Internet Access Required: Enumerates internet-facing resources.
• Comprehensive Discovery: Identifies Fully Qualified Domain Names (FQDNs) thoroughly.
• Deep Dive Analysis: Scrutinises each FQDN, ensuring all services and ports are accounted for.
• Time Efficiency & Consistency: Automated scanning yields repeatable, error-free results.

In short, BlackBox enumeration offers a reliable, efficient, and comprehensive means of understanding every nook and cranny of your network.

Automated Multi-system Enumeration

Even if your environment is cataloged, system drift occurs. Use the BlackBox inventory to ensure systems and services remain consistent, detecting changes quickly. The approach is the same:

• Comprehensive FQDN Discovery and analysis.
• Time-efficient scanning with consistent results every time.
• Deep Dive Analysis ensures you have a contemporary inventory of running services.

Comprehensive Cloud Security Analysis Tool

The CloudView Cloud Security Tenancy Audit Report is an advanced solution for in-depth audits of cloud environments and landing zones. It supports major cloud providers (AWS, Azure) and automates the collection of security configuration data to assess against best practices and compliance standards.

Key Features

• Automated data collection from cloud services
• Comprehensive reporting on security configurations & potential vulnerabilities
• Multi-cloud support (AWS, Azure), enhancing versatility
• User-friendly interface for easy navigation
• Leverages the CIS Benchmark for cloud security & compliance
• Streamlines cloud security audits & resource management
• Facilitates informed decision-making for cloud security strategies
• Real-time visibility into cloud environments for proactive security
• Azure Security Audit Reports interrogate all subscriptions in the selected tenancy
• AWS Security Audit Reports interrogate all regions in the selected tenancy

This tool is invaluable for organisations wanting to ensure that their cloud environments and landing zones are secure, compliant, and optimised. With its detailed insights into security settings and potential vulnerabilities, IT professionals can make informed decisions for robust cloud security postures.

Using CloudView can reduce the risk of security breaches, maintain compliance with regulatory standards, and bring peace of mind via thorough, regular cloud security assessments.

Authentication

• AWS: The ReadOnlyAccess and SecurityAudit AWS Managed Policies must be attached to the principal used for auditing, plus AWS Access Key ID & Secret Access Key. A temporary IAM Access Key is recommended, then deleted once the audit completes.
• Azure: The Reader and Security Reader roles, plus Directory.Read.All and Policy.Read.All permissions, should be granted to the user running the audit. Credentials do not need to be entered into the system; authentication is performed remotely.
• Always log out after downloading your Cloud Security Tenancy Audit Report to your browser.

CloudView provides step by step instructions (where possible) on how to remediate the security exposures it has discovered. You can now discover all your issues in one place and remediate them with the same tool.

Note: No data is ever stored on Cyber Automation systems. All CloudView Tenancy Audit Reports are processed in volatile memory, then streamed directly to your browser as a compressed file.

Click to Start

Available on the Microsoft Azure Marketplace or directly from this page. Scroll to the bottom to find the access links if you just want to use it, or keep reading if you want to know more about the tool and go through the instructions.

CISO Score (Free) takes you through an authentication process using device codes to perform security checks on your Azure Entra environment. Simply follow the on-screen instructions and sign in when prompted to authorize the system to read relevant configurations.

Authenticate into Azure

Select the tenancy you want to audit

Once authenticated, CISO Score (Free) runs a basic security assessment—especially for Azure Entra (formerly Azure AD)—drawing from CIS 4.0, ACSC Blueprints, and best practices. Your report is streamed directly to your browser (it is not stored on any Cyber Automation system). If you wish to retain the report, please download it using the provided download button.

Ask Iverson to write an Executive Summary Report: An optional “Ask Iverson to write an Executive Summary Report” button is available to send your report data to Iverson (AI), which then produces a Microsoft Word document summarising the findings. You will see your position in the queue if you request an Executive Summary. Please be patient while Iverson compiles your custom summary.

View CIS Benchmark 4.0 controls

View ACSC Blueprint controls

View Best Practice controls

CISO Score (Professional) guides you through an **authentication flow**—again using device codes—to run comprehensive tests across Azure, Entra, Teams, SharePoint, M365, Exchange, Intune, and Purview. Just follow the prompts and authenticate when asked.

After authentication, CISO Score (Professional) runs in-depth checks aligned with CIS 4.0, ACSC Blueprints, and best practices. Your results cover a much broader scope than the Free Edition. Reports are streamed directly to your browser, never stored on Cyber Automation systems. Remember to download if you wish to keep a copy.

Ask Iverson to write an Executive Summary Report: An optional “Ask Iverson to write an Executive Summary Report” button is available to send your report data to Iverson (AI), which then produces a Microsoft Word document summarising the findings. You will see your position in the queue if you request an Executive Summary. Please be patient while Iverson compiles your custom summary.

CISO Score (Enterprise) offers a streamlined, automated setup within your Azure tenancy, creating necessary security principals and authorising the application. Once configured, you can perform reports with a single button click—saving time and ensuring immediate access to real-time security reports.

Admin Page to modify tenancy and password etc

Setup Page to to automatically populate your tenancy etc

CISO Score (Enterprise) provides the same comprehensive checks for Azure, Entra, Teams, SharePoint, M365, Exchange, Intune, and Purview, fully aligned with CIS 4.0, ACSC Blueprints, and best practices. Results are once again streamed directly to your browser (not stored by Cyber Automation). Download them if you wish to retain a copy.

Executive Summary Report: If you’d like Iverson (AI) to convert the findings into a Microsoft Word document, simply press “Ask Iverson to write an Executive Summary Report.” You’ll see your queue position, and once processed, your summary is ready for download.

View CIS Benchmark 4.0 controls

View ACSC Blueprint controls

View Best Practice controls

Click to Start on the splash screen

CISO Score (AWS) walks you through a quick sign-in process (via AWS Access Key/Secret Key) to perform security checks across your AWS environment. Simply follow the on-screen instructions and authenticate when prompted to grant temporary read access to your AWS configurations.

Authenticate into AWS

After entering your AWS credentials or assuming a role (optional), CISO Score (AWS) will list your AWS accounts if part of an organisation. Then, you can pick the account to audit.

Wait while it gathers the details to create your Dashboard

Once authenticated, CISO Score (AWS) runs a comprehensive security assessment based on frameworks like CIS Benchmarks, ACSC Controls, and AWS Best Practices. Your security report is streamed directly to your browser (it is not stored on any Cyber Automation system). To keep your report, click the download button.

Ask Iverson to write an Executive Summary Report: An optional “Ask Iverson to write an Executive Summary Report” button is available to send your report data to Iverson (AI), which then produces a Microsoft Word document summarising the findings. You will see your position in the queue if you request an Executive Summary. Please be patient while Iverson compiles your custom summary.

View CIS Benchmark controls

View ACSC controls

You will be provided guidance on how to remediate any failures

Many organisations have unsupported versions of Microsoft Windows Operating Systems, which pose a significant security risk due to the lack of new patches. It can be difficult and time consuming to migrate applications from an unsupported OS to a newer OS, since there is no “clean” way to do so.

Modernise for Windows automates the migration of applications and services from any legacy Microsoft Windows version (including Windows 7 or Windows 2008 Server) to a contemporary Microsoft Windows Operating System.

This tool is a standalone binary (not tethered to any backend), making it very secure from a data privacy and sovereignty perspective. It can migrate 32-bit and 64-bit workloads, and helps you automate your modernisation and migration to any Datacenter or any Cloud.

Note: Microsoft Windows no longer supports 16-Bit applications.

Many organisations have older or unsupported Linux Operating Systems, which poses a significant security risk. It can be difficult and time consuming to migrate applications from an unsupported Linux OS to a newer, supported OS.

Modernize for Linux automates the migration of applications and services for Ubuntu/Debian or CentOS/Red Hat systems to a contemporary Linux distribution in any data center or any Cloud.

You no longer have to manually rebuild older Linux servers. Now you can easily modernise and migrate them to updated releases—regardless of where they live today.

Many Windows Server versions are no longer supported or face high costs for extended support—especially when running older versions of Microsoft SQL Server (e.g., SQL Server 2008 on Windows 2008 R2).

Modernize for Microsoft SQL takes a backup of your existing SQL data and restores it to a hardened Linux environment (Red Hat or Ubuntu) running Microsoft SQL Server 2022. This approach is low risk and does not affect your production SQL server.

Seamlessly migrate your databases from Windows-based SQL to Linux-based SQL 2022 with minimal downtime. This ensures your environment is both supported and secure on a modern, patched OS.

Our TAXII 2.1 compatibility ensures seamless integration with all major SIEM platforms. Receive live threat data, proactive indicators of compromise, and global malicious IP tracking to bolster your security posture.

The images above show how easy it is to connect Microsoft Sentinel (or any other SIEM) to our Free Cyber Threat Feeds via the built-in TAXII 2.1 connector. Simply enter our API Root URL (https://cti.cyberautomation.com.au/taxii/) and specify the Collection ID (e.g., low, minimum, enterprise-attack, mobile-attack, ics-attack.) to pull in real-time indicators.

We offer both free threat feeds—such as basic Fast Flux detection—and premium, high-quality feeds for advanced data (like enriched IoCs, enhanced correlation, and threat actor attributions). The free feeds are a great way to get started, while the premium feeds provide the additional depth that enterprise SOCs demand.

Here is an example of the Daily Cyber News

CyberNews delivers the latest cybersecurity headlines from the past 24 hours, conveniently curated by our AI, Iverson. Instead of hunting for news stories across multiple websites, let us do the work for you!

To get started, you’ll need the Telegram App. You can download Telegram for your mobile device or computer by visiting telegram.org .

Once you have Telegram, simply join our CyberNews Channel to receive the curated Cyber News feed. Iverson automatically compiles the most relevant and impactful cybersecurity stories and sends them to your phone every morning, ensuring you stay informed and up to date.

Ready to subscribe? Just click or tap this link to join: https://t.me/+jAdsiWSTmiJjYmE1 .

Here is an example of the Daily Detections

Here is a second example of the Daily Detections

Our Cyber Threat Hunting feed delivers daily KQL queries straight to your device, helping you quickly detect and address new and evolving threats. Instead of relying on costly, highly skilled resources to craft fresh hunting rules every day, you can simply copy and paste these queries into your SIEM and start hunting instantly.

This service requires the Telegram App. You can download Telegram for your phone or computer by visiting telegram.org.

Once you have Telegram, subscribe to our Cyber Threat Hunting Channel using this link: https://t.me/+Yu2Gg_PQTPkwNzFl . You’ll receive daily queries curated to address the latest threats, ensuring your SIEM is always primed for proactive detection.

By automating the distribution of these hunting rules, you save significant time, effort, and cost while maintaining an up-to-date security posture.