Your AI vCISO and always-on sidekick — protect, prevent, detect and respond, and adapt to the threats of today and tomorrow.
Automate compliance (ISO 27001, SOC 2, NIST CSF), manage risk, and run threat-informed attack-surface management — all in one platform.
Free plan, no credit card — multi-tenant and tenant-isolated by design.
CISO 360° view — with 24/7 AI coverage
AI vCISO, built in: Guidance, drafting and gap-to-risk automation — human-approved.
Threat-informed: Attack-surface discovery feeds your compliance and risk posture.
16 standards: ISO 27001, SOC 2, NIST CSF and more on one mapped spine.
Bring your own AI: MCP server + agentic keys + safe actions on every tier.
One AI vCISO across attack surface, risk and compliance — turning live threat signals into continuous, threat-informed security.
A built-in AI vCISO that guides, drafts and derives risk from gaps — with a human always in the loop. Or bring your own AI agent via our MCP server, on every tier.
Get audit-ready across 16 standards, mapped to a common NIST CSF 2.0 spine.
Run assessments, track coverage and maturity, and attach evidence with expiry reminders.
An AI-derived risk register with inherent & residual scoring, heatmaps and treatment plans.
Continuous discovery of assets and vulnerabilities, so your posture reflects real exposure.
Real-data dashboards for compliance posture, risk and attack surface — at a glance.
Executive-ready compliance reports with coverage, gaps and risk — exportable.
Work as a team — internal and with third parties — with notifications and an activity feed.
Keep momentum with maturity badges, path-to-baseline and treated-over-time streaks.
Single sign-on, built-in roles, MFA and a typed audit log you can export.
Multi-tenant, scalable and supported — from self-serve to a dedicated CSM.
NIST CSF 2.0 is the core spine every account runs — assess once, see coverage everywhere.
Start free, get audit-ready on Essentials, run a full programme on Complete. Yearly billing saves ~17%.
Free, $0/mo: Try the platform
Essentials, $25/mo: Get audit-ready on one framework
Complete, $250/mo: Multi-framework GRC + AI vCISO
Yes. The Free plan is $0/month — a no-cost way to evaluate the platform, with a read-only NIST CSF 2.0 self-assessment and basic attack-surface scanning.
CISO360AI is a B2B platform for organisations. Registration and team invitations require a corporate (work) email address — personal, free or temporary email addresses are not accepted. This keeps every account tied to a verifiable organisation.
16 seeded standards including ISO/IEC 27001:2022, SOC 2, NIST CSF 2.0, CIS Controls 8.1, GDPR, HIPAA, OWASP Top 10, ACSC Essential Eight, UK Cyber Essentials and more — all mapped to a common NIST CSF 2.0 spine. See the Standards page for licensing and coverage.
Yes. On every tier you can connect your own AI agent via our MCP server, with user-managed agentic API keys and safe, human-approved, scope-gated actions. Our hosted AI Sidekick is metered per plan.
Yes. CISO360AI is multi-tenant by design — every organisation's data is tenant-isolated, and all access is scoped to your org and project.
Free is $0/month, Essentials is $25/month (one-framework starter), and Complete is $250/month (full multi-framework GRC + AI vCISO). Enterprise/Custom is available for mid-market and regulated organisations. Yearly billing saves roughly 17%.
Yes. Start on Free, upgrade when you are ready, and manage your subscription from your account at any time.
Spin up a free account in minutes and let your AI vCISO turn live attack-surface, vulnerability and risk signals into a prioritised, threat-informed plan — continuously, not once a year.