CyberTwin
(01)THE DELIVERABLE

The report, before the signup.

The exact deliverable, rendered as it ships — built on a fictional demo tenant, Acme Capital, so we can publish every page in the open. Every number is labeled proven from config, or modeled and shown as such.

NO SIGNUPNO CARDNO AGENTREAL ENGINE OUTPUT
FIG.01 // BOARD PACKSAMPLE
Sample CyberTwin board pack — page-1 cover
Quarterly board pack · page 1 · rendered from one upload
(02)HONEST GRADE

Same rubric, both stacks.

When CyberTwin recommends a stack, it runs that stack through the same rubric it used to grade your current setup — and shows you the number. The recommended Balanced stack scores 59/100; the Advanced upgrade scores 78/100. You decide whether the delta is worth it.

FIG.02 // GRADE · ONE RUBRICENGINE OUTPUT
BALANCED
the recommended stack
59/100
ADVANCED
the +$40K/yr upgrade
78/100
closes the cross-vendor attack-path gaps · +$40K/yr

Balanced 59/100. Advanced 78/100. Both numbers are engine output, not marketing math — the rubric is published and you can run it against the same Acme fixture yourself.

// THE FULL RUBRIC, CARD BY CARD ↓
We grade our own recommendation.

Most tools tell you what to buy and hope you trust them. We score what we recommend — out loud.

When CyberTwin recommends a security stack, it runs that stack through the same rubric it used to score your current setup, and shows you the number. In this example the Balanced stack scores 59/100 — strong on identity and endpoint, weak on cross-vendor attack-path coverage. The Advanced stack scores 78 because it closes those gaps. Both numbers are engine output, not marketing claims — the rubric is published and you can run it yourself. You decide whether the upgrade is worth it.

Acme · Balanced stack
59/ 100
$120,000/yr · The recommended Acme stack
Strengths
  • SSO + tenant-wide CA policy (Entra)
  • EDR + ASR rules in block mode (Defender)
  • Perimeter firewall + SSL-VPN (FortiGate)
  • Cloud config baselines (AWS Config)
Gaps
  • ·Attack-path stitching limited to single-vendor scope
  • ·No config-audit depth on identity policies
  • ·Config audit depth shallow on cloud IAM
Acme · Advanced stack
78/ 100
$160,000/yr · The +$40K/yr upgrade
Strengths
  • Cross-vendor attack-path stitching (Identity → Endpoint → Cloud)
  • Multi-vendor config-audit suite with remediation CLI
  • Config audit across all 37 supported tools
  • Insurance broker questionnaire pre-fill
Trade-offs
  • ·Higher total — only worth it for teams running real attack surface

Both scores are engine output, not marketing claims. The rubric is published at /methodology. The Acme Capital fixture powering this is the same one the live attack-path demo runs against — open the engine code, run it yourself, get these numbers.

(03)THREE REPORTS, ONE ENGINE

Each assessment ships its own report.

New Architecture, Architecture Review, and Configuration Review each generate a different deliverable. Below is a sample of each for the fictional Acme Capital — real engine-output shape, with the architecture diagram (SVG / PNG export) and the rules sheet.

generated 2026-05-07 · sample · fictional Acme Capital · 200-person fintech · real engine output shape

Three priced stacks

Annual figures are tool-cost ESTIMATES — sourced from vendor pages + Vendr benchmarks, never to the dollar.

Lean
$72K/yr est.
Posture 45/100 (engine grade)

Closes the critical gaps on a tight budget; minimal cross-vendor attack-path coverage.

  • Entra ID P1 (SSO + CA)
  • Defender for Endpoint P1
  • FortiGate (perimeter + SSL-VPN)
  • AWS Config baselines
BalancedRecommended
$120K/yr est.
Posture 59/100 (engine grade)

Strong governance, identity, and endpoint; gaps remain on cross-vendor attack-path stitching.

  • Entra ID P2 + CA
  • Defender for Endpoint P2 + ASR
  • FortiGate + Cloudflare WAF
  • AWS IAM + Config
  • Microsoft Sentinel
Advanced
$160K/yr est.
Posture 78/100 (engine grade)

Closes the attack-path gaps with cross-vendor stitching + multi-vendor config audit; for teams with real attack surface.

  • Everything in Balanced
  • CrowdStrike Falcon
  • Multi-vendor config-audit suite
  • Cross-vendor attack-path stitching
  • Insurance broker pre-fill

Recommended configuration to deploy

The architecture, ready to hand to an engineer or auditor.

Sample · Acme Capital reference architecture
EMAILIDENTITYENDPOINTNETWORKCLOUDSIEMDATADefender for O365MimecastEntra ID · SSO + CAOktaDefender for EndpointCrowdStrike FalconFortiGate · FW + SSL-VPNCloudflare WAFAWS IAM + ConfigAzure RBACMicrosoft SentinelSplunkS3 · customer PIIRDS · payments DBSecrets Mgr · Stripe keys

Tools grouped by architecture layer; edges show the protection and data-flow relationships the engine maps. Red-bordered nodes are the crown-jewel data stores. Export as SVG or PNG to hand to an auditor.

Compliance to implement

Across 24 frameworks · top 5 shown
  • SOC 2 Type IIMIXED72/100
  • ISO 27001MIXED68/100
  • HIPAAEXPLICIT70/100
  • PCI DSS v4DERIVED61/100
  • NCA ECCDERIVED58/100

Roadmap

Sequenced by severity — Now / Next / Later.

Now
  • · No SSL deep inspection on the outbound policy
  • · SSL-VPN portal allows password-only auth
  • · Wildcard secretsmanager:GetSecretValue
Next
  • · Legacy authentication not blocked
  • · PowerUserRole over-permissive on the customer-PII bucket
Later
  • · WAF custom ruleset in log-only mode
  • · Logging disabled on a permissive rule
(04)PERSONALIZE

See a sample built for your industry.

The default sample is a fictional fintech. If you're in healthtech, SaaS, e-commerce, or another sector, generate a personalized version showing the vendors, frameworks, and compliance scoring that match your environment.

Watermarked “SAMPLE — based on your declared profile.”
(05)THE DELIVERABLES

12 boardroom-grade reports. One upload.

Every report is built from the same uploaded data. Each preview below is a real, downloadable PDF — rendered from the seeded Acme Capital environment, not a comp.

Audit-evidence pack — sample PDF cover

Audit-evidence pack

Every audited control in SOC 2, ISO 27001, PCI DSS v4, and NCA ECC v2 mapped to specific evidence — config-review findings, intake answers, posture snapshots, uploaded documents. Effort-ranked gaps with remediation guidance.

Cyber-insurance auto-fill — sample PDF cover

Cyber-insurance auto-fill

Pre-filled questionnaires for the major cyber insurance carriers. Each answer carries a confidence tag (definite / inferred / human-required) and a premium-impact signal (helpful / neutral / loaded). Premium-loaded answers ranked first.

Quarterly board pack — sample PDF cover

Quarterly board pack

Posture trend (12-month sparkline), ALE year-over-year, top open and remediated critical findings, framework coverage across 6 frameworks, incidents avoided with dates and dollar values, roadmap roll-up.

Cross-vendor attack-path simulation — sample PDF cover

Cross-vendor attack-path simulation

Attack-path mapping across the security tools you actually run: Microsoft Entra, Okta, JumpCloud (identity) · FortiGate, Cisco ASA, Cisco Meraki, Cloudflare (network) · Microsoft Defender for Endpoint, CrowdStrike Falcon (endpoint) · AWS IAM, Azure RBAC, GCP IAM (cloud) · Microsoft Defender for O365 (email) · Microsoft Sentinel (SIEM) · 15 products supported. BFS from each entry to each sensitive resource. Edges annotated with MITRE technique codes (26 distinct techniques). Paths matched against 11 threat-actor categories. Inferred topology nodes from uploaded network diagrams (PNG / JPG / draw.io).

Incident retrospective — sample PDF cover

Incident retrospective

Walks an incident through the MITRE kill-chain. Shows which open findings would have broken the chain at each phase. Counterfactual loss avoided. Used post-incident or for tabletop preparation.

Multi-environment diff — sample PDF cover

Multi-environment diff

Compare prod vs staging, region A vs B. Diffs findings, severity counts, framework coverage, intake answers, ALE. The report that catches drift before audit.

Personalized Deployment Plan

35–50 pages · GENERATED IN-APP

Setup guide for the products in your chosen stack — only those, in deployment order. Architecture diagram annotated with deployment-order numbers and integration arrows color-coded by fit class. Per-product setup sections with template variables substituted to your environment (org name, primary IdP, primary cloud, network seed subnet). Inline integration handoffs between consecutive products. Per-step compliance annotation pinning each setup step to specific framework controls (SOC 2 CC6.1, ISO 27001 A.5.17, NCA ECC 2-2-3, etc.). Coverage scorecard at the end shows X of Y framework controls satisfied. Honest empty-state cards for products without authored playbooks (vendor-doc + Configuration Review check pointers).

Not a boardroom report — this is the working document your engineers execute. Every plan includes it.

WHICH PLAN SHIPS WHICH REPORT
Board pack (risk-quantified)Every tier
Compliance-only reportEvery tier
Auditor evidence packOperate+
Insurance questionnaire auto-fillOperate+
Attack-path simulation reportOperate+
Incident retrospectiveOperate+
Executive briefOperate+
Security questionnaire auto-answerOperate+
Scenario comparisonOperate+
Environment diffProgram
Year-in-reviewProgram
SAMA CSF quarterlyProgram
(06)THE DIAGRAM, EXPORTABLE

A real architecture render.

Engine output for the same fictional Acme Capital — exportable as SVG or PNG.

Sample · Acme Capital reference architecture
EMAILIDENTITYENDPOINTNETWORKCLOUDSIEMDATADefender for O365MimecastEntra ID · SSO + CAOktaDefender for EndpointCrowdStrike FalconFortiGate · FW + SSL-VPNCloudflare WAFAWS IAM + ConfigAzure RBACMicrosoft SentinelSplunkS3 · customer PIIRDS · payments DBSecrets Mgr · Stripe keys

Tools grouped by architecture layer; edges show the protection and data-flow relationships the engine maps. Red-bordered nodes are the crown-jewel data stores. Export as SVG or PNG to hand to an auditor.

AFTER YOU'VE SEEN THE SAMPLE

Run it against your real environment.

Sample reports are static fictional data. Your assessment uses your real intake, your real configurations, your real frameworks — signup to first PDF in a single session.