Active threat monitoring · Saudi Arabia

Platform forin Saudi Arabia

CyberKSA is the all-in-one command center for offensive security teams — from reconnaissance and scanning to AI-powered reporting and client portals.

Access Platform

See Features

🔒 NCA Aligned🛡️ Zero Trust📋 Full Audit Trail⚡ Real-time SSE

47security teams online now

cyberksa — dashboardLIVE

Critical

High

Risk Score

CRITICAL

HIGH

MEDIUM

LOW

🤖AI generating executive report…

Live Threat Feed

CRITICALSQLi detected · Saudi Telecom · 2s ago·HIGHOpen RDP · Riyadh DC · 12s ago·BLOCKEDRansomware C2 blocked · NCA rule·CRITICALCVE-2025-3419 exploited · 47s ago·HIGHWeak cipher TLS1.0 · Gov portal·BLOCKEDPhishing domain flagged · CERT-SA·MEDIUMHTTP headers missing · e-commerce·CRITICALUnauthenticated MongoDB · 3s ago·BLOCKEDBrute-force stopped · 847 attempts·HIGHSSRF vulnerability · API gateway·CRITICALSQLi detected · Saudi Telecom · 2s ago·HIGHOpen RDP · Riyadh DC · 12s ago·BLOCKEDRansomware C2 blocked · NCA rule·CRITICALCVE-2025-3419 exploited · 47s ago·HIGHWeak cipher TLS1.0 · Gov portal·BLOCKEDPhishing domain flagged · CERT-SA·MEDIUMHTTP headers missing · e-commerce·CRITICALUnauthenticated MongoDB · 3s ago·BLOCKEDBrute-force stopped · 847 attempts·HIGHSSRF vulnerability · API gateway·

Trusted by Saudi enterprises

🛢️Saudi Aramco

📡STC

⚗️SABIC

🛡️Saudi CERT

🏛️MOI

🏦NCB

💊SFDA

🌆Neom

💳Al Rajhi Bank

🏦Riyad Bank

📊Samba Financial

🇸🇦Saudi Vision 2030

🛢️Saudi Aramco

📡STC

⚗️SABIC

🛡️Saudi CERT

🏛️MOI

🏦NCB

💊SFDA

🌆Neom

💳Al Rajhi Bank

🏦Riyad Bank

📊Samba Financial

🇸🇦Saudi Vision 2030

0+Engagements

0+Clients

0+Findings DB

0%Uptime SLA

🎯MITRE ATT&CK

🔍Nessus

🕷️Burp Suite

🛡️OWASP Top 10

🇸🇦NCA Framework

📊CVSS 3.1

📋SANS CWE

📌PTES

📡CITC

✅ISO 27001

🎯MITRE ATT&CK

🔍Nessus

🕷️Burp Suite

🛡️OWASP Top 10

🇸🇦NCA Framework

📊CVSS 3.1

📋SANS CWE

📌PTES

📡CITC

✅ISO 27001

Platform Demo

Live security scan — watch it run

cyberksa-terminal — live sessionRUNNING

cyberksa v2.4.0|ollama · qwen2.5:7b|NCA ECC-1:2018

Global Threat Intelligence

World Cyberattack Map · Live

Global Cyberattack Globe · Live

AttackBlockedDrag to rotate

Attacks Tracked

Blocked

96%

Block Rate

94+

Countries

Threat Grps

Top Attack Origins

🇷🇺

Russia

🇨🇳

China

🇮🇷

Iran

🇰🇵

N. Korea

🌐

Unknown

WAITING_FOR_LIVE_SIGNALS_STREAM...

Attack Volume · Last 24 Hours

Threat Timeline

AttacksBlocked+0 this session

00h04h08h12h16h20h23h

🌐

Global Coverage

Real-time attack simulation across 94+ countries. Monitor threat actors targeting KSA infrastructure from worldwide origins.

🛡️

Intelligent Blocking

AI-powered defenses neutralize ransomware C2, APT pivots, and zero-day exploit attempts automatically in milliseconds.

🎯

Attribution Engine

MITRE ATT&CK–aligned attribution links attack arcs to known threat groups: APT28, Lazarus, Charming Kitten.

Platform Capabilities

Everything your Red Team needs

🔍

Automated Scanner

Port, SSL, HTTP header, and vulnerability scanning with real-time SSE streaming.

$ scan --target 192.168.1.0/24

→ Port 22: SSH banner grabbed

→ Port 80: Missing HSTS

✓ 14 findings in 8.3s

🤖

AI-Powered Analysis

Ollama LLM analyzes findings, maps MITRE ATT&CK, writes executive narratives.

Recon

Exploit

Persist

📊

Risk Dashboard

Live risk scoring with severity breakdown and top risky projects tracker.

Risk Score
Moderate

🗂️

Scope Coverage

Visual coverage showing tested vs untested assets across all scope items.

Coverage67%

✓ 34 tested○ 17 untested

📤

Nessus & Burp Import

Bulk XML import from Nessus and Burp Suite directly into findings database.

📄nessus.xml

📄burp.xml

→ 142 findings

🏢

Client Portals

Isolated, role-based portals with secure project views and report downloads.

Admin

Full access

Manager

Reports+

Pentester

Findings+

Client

View only

📝

AI Report Writing

Auto-generate professional pentest reports with CVSS scores and remediation.

🤖 Analyzing 47 findings…

📝 Writing executive summary…

✓ 18-page report generated

🔐

Zero Trust RBAC

Fine-grained roles per project — Admin, Manager, Pentester, Client.

Admin

Full access

Manager

Reports+

Pentester

Findings+

Client

View only

🔔

Security Inbox

Centralized hub for findings, approvals, and client acknowledgements.

New critical finding

Client acknowledged

Report approved

How It Works

From scope to report in one platform

Define Project & Scope

Create a project, add IP ranges, domains, out-of-scope rules. Assign team with granular RBAC.

Scan, Exploit & Document

Run automated scanner, import Nessus/Burp XML, add manual findings with CVSS scores and PoC.

AI Analyzes & Maps MITRE

AI maps each finding to MITRE ATT&CK tactics, scores risk, identifies attack chains automatically.

Deliver Report to Client

Generate PDF report, open client portal access, get acknowledgements — all in one place.

The Difference

Before vs After CyberKSA

Without CyberKSA

✗📧 Findings shared via email attachments

✗📊 Risk scoring done manually in Excel

✗🔄 Back-and-forth with clients on scope

✗📝 Report writing takes 2-3 days

✗❌ No MITRE ATT&CK mapping

✗🔍 Scanner outputs pasted into docs

✓

With CyberKSA

✓🔔 Findings instantly in client portal

✓📊 Automated CVSS + risk scoring

✓✅ Scope defined & tracked in platform

✓🤖 AI report generated in minutes

✓🎯 Auto-mapped to MITRE ATT&CK

✓⚡ Scanner imports in one click

NVD Intelligence

Latest CVE Advisories

Static fallback

CVE-2025-212989.8 · CRITICAL

Windows OLE Remote Code Execution — arbitrary code execution via malicious document attachment.

Windows Server 2022Windows 11

CVE-2025-230069.8 · CRITICAL

SonicWall SMA 1000 pre-authentication deserialization vulnerability allows unauthenticated remote code execution.

SonicWall SMA

CVE-2025-02829 · CRITICAL

Ivanti Connect Secure stack-based buffer overflow in network appliance enables unauthenticated RCE at scale.

Ivanti Connect SecureIvanti Policy Secure

Search full CVE database inside the platform →

Initializing Command Center...

The Intelligence
of Offensive Security

CyberKSA autonomous intelligence simulates the attacker's mindset within a zero-trust, air-gapped sandbox.

ISO 27001 ReadyNCA CompliantAir-Gapped Core

🌐

Ingesting Infrastructure

Project Scope

AI identifies live assets, cloud boundaries, and active nodes.

🧠

Pattern Analysis

AI-Powered Threat Intelligence

Smart correlation of breach vectors & systemic risk patterns.

⚡

Mapping Breach Chains

Attack Path Synthesis

Contextual simulation of multi-hop lateral movement routes.

🛡️

Boardroom Visualization

Executive Strategic Intelligence

C-suite ready insights with air-gapped data sovereignty.

Autonomous Monitoring Active

SEC-ID: 000

Operational Decision Engine

Simulation to
Decision.

“One finding. Multiple impacts. One decision.”

From attack simulation to executive decision — in seconds. CyberKSA provides the legal and offensive intelligence needed for rapid boardroom action.

technical PERSPECTIVE

🏛️

SEQ_0FF7SYSTEM READY

SEQ_1FF7MONITORING IDLE...

Advanced Decision Synthesis Active

AUDIT_VER: 1.0.84_BETA

Expertise & Standards

القدرات والامتثال المعياري

NCA APPROVED

NCA Compliance & Alignment

ECC & CSCC Official Alignment

"CyberKSA is designed in full alignment with the Essential Cybersecurity Controls (ECC) and Critical Systems Cybersecurity Controls (CSCC) frameworks issued by NCA."

🛡️

Why CyberKSA

منصة الأمن الهجومي الأولى في المملكة

صُمِّمت CyberKSA خصيصاً لفرق الأمن السيبراني السعودية — متوافقة مع ضوابط الهيئة الوطنية للأمن السيبراني وإطار هيئة الاتصالات.

✓متوافقة مع ضوابط هيئة الأمن السيبراني الوطنية (NCA)

✓تقارير اختبار الاختراق بالعربي والإنجليزي

✓بوابات عملاء معزولة وآمنة بالكامل

✓ذكاء اصطناعي متخصص في التهديدات السيبرانية

🇸🇦

متوافق مع NCA

ضوابط الأمن السيبراني

🔐

صفر ثقة

تحكم كامل بالصلاحيات

📋

تقارير احترافية

PDF تلقائي بالعربي

🤖

ذكاء اصطناعي

تحليل فوري للثغرات

What's New

Platform Changelog

v2.8SECApr 2026

→Advanced Governance: ROOT_OWNER identity protection for absolute security

→Seniority-based RBAC enforcement: preventing unauthorized privilege escalation

→Mandatory administrative approval workflows for high-privilege actions

v2.7NEWMar 2026

→Self-service security: Automated secure password recovery and reset flows

→Multi-factor OTP validation for critical administrative transitions

→Enhanced portal session management with zero-trust validation

v2.6AIFeb 2026

→AI-powered Fix Generator: Automated remediation advice for 2000+ CVEs

→Intelligent Report Narratives: AI-generated executive summaries and attack paths

→Offline LLM Integration: Qwen 2.5:7b support for 100% on-prem security

FAQ

Common Questions

Yes. CyberKSA is designed with Saudi NCA ECC-1:2018 controls in mind. All findings, reports, and access logs meet NCA audit requirements.

Absolutely. Each client gets an isolated portal with role-based access. They can view findings, track remediation, and download reports — all without seeing other clients' data.

The AI analysis runs on Ollama locally on your infrastructure. Your data never leaves your environment — critical for Saudi government and enterprise clients.

CyberKSA supports Nessus XML, Burp Suite XML, and its own built-in automated scanner covering ports, SSL, HTTP headers, and vulnerability checks.

The AI analyzes each finding's title and description, then automatically maps it to relevant MITRE ATT&CK tactics and techniques — giving you a full threat landscape view instantly.

Yes. Reports can be generated with Arabic executive summaries. The AI supports bilingual output — English technical details with Arabic executive sections.

Request a Demo

See CyberKSA in action

Book a 30-minute demo tailored to your team's needs.

Ready for your next
security engagement?

Support