Your All-round Cyber-Intelligent Sidekick

CISO360AI is the first of its kind to leverage offensive tools, quantified risk assessment, threat intelligence, gamification and a gritty AI to improve cybersecurity governance, risk and compliance and stay ahead of cyber attackers

Hero Image


Our current features and work in progress

Attack Surface Discovery

Continous discovery of assets, identities, domains, hosts, IPs, URLs, ports

Offensive Toolchain

Network and web assets scanning based on offensive tools, same as used by red teams or attackers

Vulnerability Management

Continous vulnerability management, triage, prioritisation, tracking and alerting

Risk managegement

Risk assessment and mitigation tracking. WIP: AI assisted prioritisation and prediction

Privacy assessment

WIP: Web scan on GDPR, cookies, SSL non-conformance

Identity assessment

WIP: Dark-web compromise identity and IP scanner

ISMS Policy bundle

WIP: Cybersecurity policy pack compliant with recognised standards


Escalation, sharing, alerting, third-party vendor assessments


Solving the puzzle...

Our Journey and roadmap


2019-20 CyberGraph prototype developed, linking discovered Assets, Vulnerabilities and Vendors in a Graph DB. COVID-19 puts the project on hold, re-focusing us on Pentesting as a Service (Pentest.NZ), CyberAwareness Training (, Threat Intel and Security Operations (

CISO360AI beta

2021-22 CISO360 concept and MVP developed. Beta version is used internally and with select partners to manage vulnerability assessments and pentests, vCISO GRC activities and prototyping initial automation and machine learning modules.

v1 "baby" AI

2022 Q4 - v1.0 "baby" AI and concept, colaboration with academia, early-stage investing rounds. Data aquisition, sampling and modeling to predict risks using a hush-hush AI and not too many ifs

v2 "teen" AI

2023 - v2.0 "teen" AI - learning the reality, through simulated games and stories and real-life incidents

v3 "mature" AI

2024-25 - v3.0 "mature" AI - autonomos vCISO


2025 - we discover we already live in a game and technology was never the problem...

We are the Borg

Lower your shields and surrender. We will add your technological distinctiveness to our own. Your culture will adapt to service us. Resistance is futile.


What's interesting about CISO360AI

The motivations, frustrations and changes we are focusing on.

Lowering the burden

Let's face it, big or small team, Governance, Compliance and Risk (GRC) is no fun, at best is an operational burden, usually a tick box exercise and at worst just a policy and prayer. How can we change the approach?

Zero-trust realities

Never trust, always verify!... wishful thinking. What is my actual risk exposure and what risks are acceptable? (internal, third-party)


How can I engage my team, our vendors and clients to address shared cyber-risks?

Leveling the asymetric playing field

Reducing attacker advantages and defenders gaps. What are my significant vulnerabilities, as seen by attackers?

Resources and cost

GRC tools aim for large enterprises/teams and are costly. CISOs are a rare commodity at SME/MSP level. How can we leverage tech to give us an edge?

Best Practices

What are 20% of controls and actions that can cover 80% of my risks? What is my optimum plan? (for my size, obligations, budget, appetite, threat intel)

Frequently Asked Questions


(Cyber)Space, the final frontier. These are the voyages of the CISO360AI team. Its five-year mission: to explore strange new worlds.


Many say exploration is part of our destiny, but it’s actually our duty to future generations.

Can I try CISO360AI?

Absolutely, see call to action

Can I join CISO360AI

We dare you!

Stats... we are aiming for... ;)


Worry-free Clients


Managed risks


$ saved loses


incidents prevented


Skeptic by the numbers you are seeing on this page? You should be! Get in touch to learn more on how are working to make it happen!...