From compliance to real-time cyber defence – in one open, modular platform.
Cyberguardian helps organisations stay compliant with ISO 27001, NIS2 and TISAX while gaining operational control over their infrastructure using a curated set of open-source security tools.
GRC & ITSM
iTop · SimpleRisk/Eramba/OpenGRC · Nextcloud · Moodle · OpenProject
Monitoring
Grafana · Zabbix · OCS Inventory · SurveySolutions
Identity & Access
Keycloak · JumpServer · PacketFence · Vault · Bitwarden
Detection & Response
Wazuh · OpenVAS · Snort · OpenEDR · MISP · TheHive
One platform. Four levels. Real control.
Cyberguardian is a curated combination of open-source tools, integrated to cover the full security lifecycle: governance & risk, monitoring, access control and threat detection. Each tool is selected because it answers a concrete requirement in international standards such as ISO 27001, NIS2 and TISAX.
Maintain compliance, then go beyond it
Most organisations implement controls only to “pass the audit”. Cyberguardian starts from compliance requirements, but is designed to create operational security: dashboards, alerts, asset inventories, privileges, backups and incident workflows that are actually used.
- Every tool is mapped to specific ISO 27001 / NIS2 / TISAX controls.
- Focus on automation: inventories, logs, vulnerabilities, backups.
- Built to work in real IT environments (on-prem, hybrid, cloud).
Modular levels – start small, grow fast
You can start with Level 1 (GRC & ITSM) to structure your processes, then add monitoring, access control and advanced SIEM & EDR as your maturity increases. The tools are open-source or community-driven, so you keep control over data and architecture.
- Mix and match tools – no vendor lock-in.
- Centralised identity & single sign-on via Keycloak.
- Integrated vulnerability & incident workflows: OpenVAS → iTop → Wazuh/TheHive.
The 4 Cyberguardian levels
Each level adds a layer of capability. Together, they form a complete security and compliance stack that can be tailored to small, medium or complex organisations.
Governance, Risk & Compliance (GRC)
The foundation level ensures you can document, track and prove your controls: incidents, assets, risks, trainings, documents and projects.
ISO 27001 A.8 Asset Management · A.12 Operations Security · A.16 Incident Management · A.18 Compliance
NIS2 – Governance, risk management, policies and procedures
TISAX – Information security management, documentation & trainings
Infrastructure & Service Monitoring
Level 2 brings observability: metrics, dashboards and alerts for servers, applications, networks and services, so you can see problems before users do.
ISO 27001 A.12.4 Event Logging · A.12.7 Monitoring of Systems · A.18.2 Reporting
NIS2 – Continuous monitoring & detection capabilities
Identity & Access Security
Level 3 strengthens identity, network access and data protection: SSO, MFA, privileged access, secrets management, network access control, mobile devices and backups.
ISO 27001 A.9 Access Control · A.10 Cryptography · A.13 Network Security
A.17 Business Continuity · GDPR / DPIA via CNIL-PIA
TISAX – Access control, secure operations & mobile device security
Detection, SIEM & Response
Level 4 adds advanced threat detection and incident response: SIEM/XDR, vulnerability scanning, IDS/IPS, endpoint detection and threat intelligence sharing – connected with your GRC & ITSM workflows.
ISO 27001 A.12.4 Logging & monitoring · A.12.6 Technical vulnerabilities
A.16 Incident management · NIS2 – Detection, response & reporting
TISAX – Incident handling & logging requirements
Selected tools & their role in Cyberguardian
Below are some of the tools already integrated in Cyberguardian. Each one is mapped to processes (ITIL / ISO 27001 controls) and uses LDAP / SSO / MFA where possible.
Core stack examples
| Tool | Level | Primary role |
|---|---|---|
| iTop (ITSM · CMDB · Incidents & Changes) | 1 | Central IT service management and CMDB linked to incidents, changes and assets. |
| SimpleRisk / Eramba / OpenGRC (Risk · GRC) | 1 | Risk registers, treatment plans, audits and governance workflows. |
| Nextcloud (Secure files · DMS) | 1 | Secure sharing of policies, procedures, evidence and records. |
| Grafana & Zabbix (Monitoring · Dashboards) | 2 | Unified dashboards for server, application and network health. |
| Keycloak (SSO · MFA · RBAC) | 3 | Central identity provider for all Cyberguardian tools (SSO & MFA). |
| Wazuh (SIEM · XDR · Compliance) | 4 | Threat detection, log analysis and compliance dashboards. |
| OpenVAS (Vulnerability · Scanning) | 1 / 4 | Vulnerability scans linked to risk registers and remediation tickets. |
| TheHive + Cortex + MISP (IR · Threat Intel) | 4 | Incident response workflows and threat intelligence integration. |
How tools integrate
Cyberguardian is not “just a list of tools”. The goal is to combine them into coherent processes that map to security controls:
- Central authentication via Keycloak (LDAP/SSO/MFA) wherever supported.
- Assets discovered by OCS Inventory are synchronised with iTop CMDB.
- Vulnerabilities from OpenVAS and Wazuh create tickets in iTop / OpenProject.
- Risks in SimpleRisk/Eramba/OpenGRC reference real assets and controls.
- Backups (UrBackup) and mobile devices (H-MDM) are linked to continuity and access policies.
Behind the platform there is a team of enthusiastic cybersecurity specialists with hands-on experience in ISO 27001, NIS2, TISAX, GDPR and technical implementations (Wazuh, OpenVAS, FortiGate, Keycloak, etc.). We can help you choose and deploy the right combination for your environment.
The specialists behind Cyberguardian
Cyberguardian is created and maintained by a small group of practitioners – security consultants, CISOs and engineers who implement these tools in real organisations, not only in lab environments.
Who we are
We combine governance and technical expertise: from ISO 27001 & TISAX projects, to NIS2 gap assessments, SOC design, vulnerability management and incident response. The goal is to give organisations a practical, open toolkit that can grow with their maturity.
How we typically work with you
1. Short discovery session – understand your infrastructure, standards in scope (ISO 27001, NIS2, TISAX, GDPR) and existing tools.
2. Target architecture – choose Cyberguardian levels and tools that make sense for your context (SME, healthcare, manufacturing, public sector, etc.).
3. Pilot & integration – deploy a minimal but functional stack (for example: iTop + OpenVAS + Wazuh + Keycloak) and integrate with LDAP/AD.
4. Roll-out & training – document processes, train IT and business users, prepare evidence for external audits.
Let’s talk about your Cyberguardian stack
Send us a short message about your organisation and what you want to achieve (compliance, monitoring, SOC, access control, etc.). We will come back with a proposed architecture and next steps.
Contact information
If you prefer, you can contact us directly by email or schedule a remote session to see the Cyberguardian platform in action.
We can also support you with documentation (policies, procedures, risk registers), technical deployment (Docker / Kubernetes / on-prem) and preparation for external audits.