Skip to content
In development · CyberGuard is being built. We are selecting a small group of paid design partners. Read the program →
In development Paid design-partner program

Know what you run.
Prove how you manage it.

CyberGuard is being built for MSP and security-minded ops teams that need one traceable path from messy infrastructure facts to client-ready technical evidence.

No signup yet. Applications will be reviewed for fit when invitations open.

acme-production / web01 Concept · synthetic
InventoryFirst MVP
openssl 3.0.11
user-submitted command outputobserved 2h ago
FindingPlanned next
CVE-2026-1234 · applicable, critical
Criticalevidence-linked
TodoPlanned next
Patch openssl on web01
assigned · Martadue Jul 24
Evidence snapshotFirst MVP
June technical-evidence snapshot
scope + exclusionssha256:4f1a…b9e2

Concept interface with synthetic data. Each assertion carries its provenance — CyberGuard never implies a fact is independently verified.

Built for MSP and ops teams managing self-hosted client estates.

You already work across Zabbix, shell scripts, structured observations, and an existing issue tracker. CyberGuard is designed to connect those facts — not replace the tools that produce them.

Not a scanner, ticket replacement, or certification platform
ZabbixShell scriptsStructured JSON ingestDebian / Ubuntu packagesExisting issue trackersManual evidence
The wedge

The version, patch, todo, and evidence layer for messy infrastructure.

The hypothesis is less manual assembly and more consistent follow-through. It hasn't been proven publicly yet — that's what the pilot is for.

Today

Facts scattered across shell output, tickets, and chat.

With CyberGuard

Current Inventory per client, with history and freshness.

Today

Unclear whether an advisory even applies to this host.

With CyberGuard

A traceable Finding linked to the evidence behind it.

Today

Tickets closed without proof the work happened.

With CyberGuard

An evidence-confirmed state you can point a client to.

Today

A monthly report rebuilt by hand, every time.

With CyberGuard

A reproducible client snapshot with scope and exclusions.

How it works

One chain, from observation to client-ready evidence.

Six primitives carry the whole story. Web, REST, and a planned MCP interface are just different doors onto the same chain — never a second data model.

01
Assets

The things a client operates.

02
Sources

How observations arrive — ingest, command output, manual, API, later Zabbix.

03
Inventory

Observed software, access, and config facts, plus history.

04
Checks

Rules or authorized observations that evaluate facts.

05
Findings

Evidence-linked problems in one lifecycle.

06
Todos

Accountable human work, optionally synced to a tracker later.

Synthetic journey · Acme Ltd → Production → web01

One Debian observation, followed all the way to a snapshot.

Every stage badge shown
First MVP
Debian package list arrives

Submitted via structured Source for web01 in Acme Ltd → Production.

First MVP
Provenance reviewed

openssl 3.0.11 recorded as user-submitted command output, then confirmed in Needs Review.

Planned next
A future Check finds an issue

An applicable advisory surfaces as a canonical Finding — not yet functional in the first MVP.

Planned next
A Todo is assigned

Patch openssl on web01, owned by Marta, with a due date.

First MVP
Snapshot preserves what was known

Scope, exclusions, verification levels, and a snapshot hash — clearly synthetic.

What the first MVP focuses on
First MVP · being designed

Trustworthy inventory first. Everything else is derived from it.

Trustworthy Inventory

Current facts and history with freshness, source provenance, and conflict review — designed so you always know how fresh a fact is and where it came from.

One review surface

Uncertain parses and mappings wait in a single Needs Review queue for an explicit human decision. Nothing ambiguous is silently trusted.

Reproducible evidence snapshot

A finalized HTML/CSV snapshot with explicit scope, exclusions, verification levels, and a snapshot hash you can reference later.

Client isolation

One client Organization per trust boundary. Staff need explicit membership in every Organization — a billing bundle grants no data access.

Customer AI-tool workflows

A planned remote MCP interface will let a customer’s own AI tool create permitted Assets/Sources, submit deterministic observations, and monitor status inside one authorized Organization — never switching clients or receiving credentials.

What we plan next

A roadmap, stated as plans — not shipped features.

Every item below is planned and subject to validation. Order and timing may change as we learn from design partners.

Stage 2Planned next
Findings & work
  • Advisory & vendor-support feeds
  • Applicability, EOL state, canonical Findings
  • Todos, notifications, transparent posture
Stage 3Planned next
Zabbix & bounded assistance
  • Zabbix inventory/event integration
  • AI-assisted parser & triage candidates
  • Human confirmation always required
Stage 4Planned
Workflow & reporting
  • Full Todo workflow, GitLab sync first
  • Branded report preview / finalize
  • Invite-only beta after security gates
Stage 5Planned
Posture & custom Checks
  • Versioned hardening Checks, access reviews
  • Documented, declarative Check Studio
  • Five transparent bounded score pillars
Future Later possibilities — subject to validation

Framework evidence assistance, non-intrusive probes, plugins, scanner imports, enterprise connectors, client-consented portfolio summaries, SSO/SCIM, custom retention, and broad self-hosted availability are candidate directions only. Framework support may help organize evidence but cannot claim compliance or certification. Probes will never be described as a vulnerability scanner or penetration test.

Evidence & trust

Provenance stays visible. We don't dress up unverified facts.

A future finalized snapshot will disclose who or what supplied each assertion, at which verification level, with what scope and exclusions.

Provenance on every assertion. Platform-observed, user-submitted, self-attested, future signed collector, or derived — shown, not hidden.
One Organization per connection. An MCP connection is fixed to one client, shows the receiving client and requested actions, expires, and can be revoked immediately.
No pooled tenants. Each client estate is its own trust boundary. Volume purchased never creates cross-client access.
Minimized telemetry. No tenant-data advertising or general-model training. AI is optional, minimized, and candidate-only by design.

A snapshot hash can reveal later alteration within the CyberGuard evidence set. It does not prove the original external fact was true — and we never say "tamper-proof," "chain of custody," or "independently verified" for tenant-supplied data.

June technical-evidence snapshotSynthetic
ScopeAcme Ltd · Production · 18 assets
Exclusions2 assets, no active source
Verification levels
Platform-observed11
User-submitted command output5
Self-attested2
Tamper-evident when implemented
sha256:4f1a…b9e2 · finalized 2026-06-30
Trust & legal destinations
Trust overview
Planned before pilot data
Privacy policy
Planned before pilot data
DPA
Planned before pilot data
Subprocessors
Planned before pilot data
Security contact
Available now

We do not claim GDPR compliance, a certification, an external audit, 24×7 operations, or any security property that hasn't been tested. EU/EEA hosting is the planned default and will be confirmed once providers and regions are selected.

Integration fit

Complements your monitoring and issue tracking.

A planned order, labelled by stage — not a logo wall. Nominative product names only; no integration is available today and none implies endorsement.

Structured JSON ingest

Deterministic ingest and a Debian/Ubuntu package parser.

First MVP
Advisory feeds

Vulnerability/advisory and vendor-support data.

Planned next
Zabbix

Inventory/event integration for supported deployment paths.

Planned next
GitLab

Todo synchronization first; Jira only after validation.

Planned

MCP is a planned product interface, not an AI-vendor partnership. It lets a customer's own AI tool use explicitly granted operations inside one authorized client Organization. It is not "autonomous remediation," and no AI-tool logo appears until that exact client passes documented compatibility and authorization tests.

Proposed pricing

One offer opens first. The rest are hypotheses.

The paid design-partner pilot will be the first actionable offer. Every other plan is proposed for validation. Prices are monthly, exclude VAT, and are not final.

Each client is always a separate Organization and trust boundary — a consultancy billing bundle never grants cross-client data access.

Design Partner Pilot
€199/mo · 90 days
Opening soon
  • Up to 5 isolated client Organizations
  • Up to 500 active Assets total
  • Assisted onboarding + weekly session
  • Implemented pilot features during the term
  • Best-effort support · no uptime SLA
  • No auto-renewal or silent conversion
See waitlist status
Starter
€149/mo
Proposed after pilot
  • Up to 3 isolated client Organizations
  • Up to 300 active Assets total
  • Core capabilities that have shipped
  • Manual snapshots / Reports when available
  • Standard business-hours support
See waitlist status
★ Recommended for MSPs
MSP
€399/mo
Proposed after pilot
  • Up to 15 isolated client Organizations
  • Up to 2,000 active Assets total
  • Everything shipped in Starter
  • Higher validated automation limits
  • Per-client Report branding when available
  • Priority business-hours support
See waitlist status
Scale
€899/mo
Proposed after pilot
  • Up to 50 isolated client Organizations
  • Up to 10,000 active Assets total
  • Everything shipped in MSP
  • Highest standard validated limits
  • Structured onboarding + service review
  • No implied SSO/SCIM, probes, or self-hosting
See waitlist status
At-a-glance limits
Client Organizations
Pilot5
Starter3
MSP15
Scale50
Active Assets
Pilot500
Starter300
MSP2,000
Scale10,000
MCP access
PilotWhen gates pass
StarterShipped surface
MSPHigher limits
ScaleHigher limits
Report branding
PilotWhen available
StarterBasic, when available
MSPPer-client
ScaleMultiple profiles
Support
PilotBest-effort
StarterBusiness hours
MSPPriority
ScalePriority + review

Features that haven't shipped show "when available" or a release stage, never a checkmark. Baseline security, tenant isolation, export/deletion, audit logging, and evidence-quality labeling are identical on every plan and never weaken on a lower tier. Overage pricing (€15/Organization, €0.10/Asset, with a 10% grace measured per meter) is an opt-in test assumption — never a surprise charge. Existing evidence stays readable and exportable at a limit; only the operation exceeding it is blocked.

FAQ

Straight answers for a prelaunch product.

Is CyberGuard available today?

No. CyberGuard is in development. The only current motion is applications for a paid, assisted design-partner pilot. There is no self-service signup, checkout, or generally available product.

Who is the design-partner pilot for?

Small MSPs and security-minded ops consultancies managing heterogeneous, mostly self-hosted client infrastructure — teams that today rely on Zabbix, scripts, and manual evidence and want a repeatable way to understand state and prepare client evidence.

Is CyberGuard a vulnerability scanner?

No. It records and evaluates observations that arrive from your sources; it does not actively scan or probe your infrastructure. It is not a penetration test and is not a replacement for one.

Does it replace Zabbix or our issue tracker?

No. It complements them. Zabbix integration and tracker synchronization are planned later stages; the product connects the facts those tools produce rather than replacing them.

How are different clients separated?

Each managed client is a separate Organization and trust boundary. Projects partition environments inside one client. A consultancy billing bundle never grants cross-client data access — staff still need explicit membership in every Organization.

Can it connect to a private-only Zabbix?

An assisted private-network deployment may be considered for a selected design partner whose Zabbix cannot be safely published to fixed SaaS egress IPs. It is a scoped pilot conversation, not a generally supported self-hosted edition. We never claim general access from SaaS into a customer’s private network.

Does it make us compliant or certify us?

No. CyberGuard can help organize evidence for review, but it does not make you compliant with GDPR, Cyber Essentials, NIS2, ISO, CIS, SOC 2, PCI DSS, or any framework, and it is not a certification.

How is AI intended to be used?

AI is an optional, later, candidate-assistance mechanism — for example parser and triage suggestions — always validated deterministically and confirmed by a human. It cannot make security decisions automatically.

Can our own AI tools use CyberGuard through MCP?

That’s the plan. A permission-scoped remote MCP interface will let your chosen AI tool use explicitly granted operations inside one authorized client Organization. It cannot switch clients, receive credentials, bypass review, or approve its own work.

Is self-hosting available?

No. Broad self-hosted availability is a future possibility subject to validation. Only the scoped private-network pilot conversation above exists today.

What happens to pilot data?

Tenant isolation, minimized telemetry, export and deletion workflows, and evidence access logging are intended principles. The trust, privacy, and DPA documents will be available before any production pilot data is handled.

Are these final prices?

No. All prices are proposed hypotheses for validation, monthly and excluding VAT. Only the design-partner pilot is actionable today; other plans use a waitlist.

In development · selecting design partners

Design-partner waitlist.

The pilot is for small MSPs and security-minded ops consultancies managing heterogeneous, mostly self-hosted client infrastructure. We review each application for fit, then follow up with a discovery conversation. Selection isn’t guaranteed.

  • We review your application for fit — this isn’t a signup.
  • A discovery conversation follows before any commitment.
  • Selection isn’t guaranteed; the pilot cohort is intentionally small.

Invitations aren’t open yet

We’re finishing the privacy and email-delivery setup. No applications are being collected today.

Read the prelaunch privacy status