Measure, benchmark, and improve your organization's security culture

CyberAlign is a security culture assessment platform that measures your organization's human security posture. It goes beyond technical security tools by evaluating how well your team understands and practices security — then gives you an A–F security grade, identifies gaps, and provides an AI-generated remediation roadmap.

Your security grade is a simple A–F score that reflects your organization's overall security culture maturity. It's calculated from assessment questions across 10 security domains: identity & access, email security, data protection, endpoint protection, network security, incident response, backup & recovery, vendor risk, security training, and governance. The grade gives leadership a clear, communicable metric — much easier to act on than a 50-page audit report. The free tier includes your basic security grade; paid plans add domain-level scoring and trend tracking.

CyberAlign supports overlay mapping to 18 compliance frameworks: SOC 2, NIST CSF, HIPAA, PCI DSS, CMMC, CIS Controls, ISO 27001, GDPR, FedRAMP, HITRUST CSF, SOX, CCPA/CPRA, GLBA, COBIT, FISMA, FFIEC, CSA CCM, and AML. The framework overlay shows how your assessment results map to specific compliance requirements — making audit preparation significantly faster.

In the paid tiers after an assessment, AI analyzes your results and generates a prioritized remediation roadmap. It identifies your highest-risk gaps, suggests specific actions to close them, and estimates the effort required. The roadmap is practical and actionable — not generic checklist items, but recommendations tailored to your actual assessment data.

Yes. CyberAlign Free includes one platform-generated IT Acceptable Use Policy per year. Pro unlocks all 10 policy types (acceptable use, incident response, data handling, access control, and more) with up to 10 generations per year per type. Advanced provides unlimited policy generation plus Policy Assessment with AI-driven rewrites and version control.

Breach check, utilizes deep web monitoring, monitors your organization's email domains for known data breaches. The free tier shows basic breach counts. Pro and Advanced plans provide full breach details, affected service names, compromised data types, and exportable HTML reports for incident response documentation.

Yes. CyberAlign and GrowthPath are separate subscriptions that work seamlessly together. Many customers start with CyberAlign Free to assess their security culture, then add GrowthPath when they're ready for performance management. Bundling both gives you a complete view of your people — from security awareness to professional development.

White-label branding, multi-org management, and API access are available through our Partner program for MSPs and IT consultants. Contact us for details on custom pricing and setup.

A basic assessment takes about 10 minutes or less to complete. The assessments (in Pro and Advanced) covers 1000+ questions across 10 security domains: identity-access, email-security, data-protection, endpoint-protection, network-security, incident-response, backup-recovery, vendor-risk, security-training, and governance. Employees can complete it at their own pace, and results are available immediately after submission.

Most security tools focus on technology — firewalls, endpoint protection, vulnerability scanning. CyberAlign focuses on people — the human layer that's involved in 82% of data breaches. It measures security culture, identifies alignment gaps between leadership and workforce, and provides actionable remediation. Plus it connects to your people management platform for a complete view.

Yes. CyberAlign and GrowthPath are separate subscriptions that work together seamlessly. Many customers start with CyberAlign Free and add GrowthPath when they're ready for performance management.