Cyber Risk Score

A single intuitive score based on all the information our tools can gather about an organisation

Each tool included in Cyber Toolkit produces a Cyber Risk Score which can be combined with the scores of all other tools in order to produce a comprehensive Cyber Risk Score for an organisation. These scores are included in all reports and tracked over time, making it easy to monitor progress and identify improvements.

Cyber Toolkit allows you to subscribe to your suppliers, enabling you to evaluate your supply chain risk. Suppliers must agree to this subscription and can revoke it at any time. To subscribe, simply use your cost credits, which enable us to offer the majority of the tools in Cyber Toolkit at no cost to end-user organisations.

Register below to get your score today and upload a list of your suppliers to understand your supply chain risk.

This system does not officially launch until 11th March 2026. You are able to pre-register in advance by completing the below form and when the system officially launches you will get an email containing login instructions.

Any legitimate UK-based public or private sector organisation can sign up for Cyber Toolkit and begin using the tools free-of-charge. The sign-up process can be very quick if you are able to use a Companies House registration number, a UK school Unique Reference Number or an FCA Society Number to prove that the organisation you are signing up is real. If you are unable to use any of these you can request a manual creation, however this does require a manual approval by our team within UK office hours.

Organisation Type:

The Cyber Toolkit team brings years of experience in both cyber security and law enforcement, witnessing an increase in cyber-attacks across all industries. Our mission is simple, to make cyber security straightforward and accessible for organisations, and to help build trust with customers and supply chains through the Cyber Risk Score.

While most features of the Cyber Toolkit are available for no cost, some services require payment, these include ongoing monitoring of supply chain Cyber Risk Scores, instant rescans to verify that mitigations are effective, and extended data storage (by default, results are stored for seven days). The platform uses a credit system for purchasing these extra services as needed.

A notable emphasis on supply chain management stems from the Cyber Toolkit business model, the largest 1% of companies pay for premium features, enabling organisations of any size to benefit from the suite of cyber tools at no cost. This approach helps everyone enhance their organisation’s cyber security and that of their supply chain. Paid features remain optional, anyone can use them, but they aren’t necessary to enjoy the core benefits of the system.

Vulnerability Scan

A scan to identify externally facing known vulnerabilities.

Automated Web Penetration Test

An automated method of identifying application security issues such as SQL injection and Cross-Site-Scripting (XSS).

External Port Scan

A scan of ports available externally to identify exposed dangerous services.

HTTP Header Audit

An audit of the headers returned by a web server to ensure they meet security best practices.

Email Security Audit

An audit of email security settings such as the use of encryption, DMARC, DKIM and SPF.

DNS Configuration Audit

An audit of DNS configuration settings to look for exposed internal assets and CDN misconfigurations.

Leaked Credential Check

A broad check across many data breaches on the clear web and darkweb check if an email address is included.

SSL Encryption Audit

An audit of the SSL encryption settings of a website or web application.

Gateway Security Monitoring

Detection of inbound attacks as well as outbound requests to known malware/ransomware servers.

Compliance Risk Assessment

Tools to help users prepare their readiness for Cyber Essentials including guidance.

Supplier Risk Assessment

An audit of the risk each declared supplier represents based on technical information gathered on that supplier.

Emerging Threat Notifications

Continuous monitoring of new registered vulnerabilities based on an asset register of used technologies.

Although Cyber Toolkit is a new company, registered in 2026, the team behind it is not new and have been working together for a long time running many of the UK's largest public cyber schemes. Most members of our team for this new venture have worked together at Pervade Software, the organisation responsible for the assessment platform used for the Cyber Essentials scheme since it's launch in 2014, the organisation which created and has run Police CyberAlarm from it's inception in 2017 until February 2026 and the organisation which created and ran the darkweb index software used by some of the world's largest public and private organisations. This core development team is bolstered by experts in Police cyber investigation and Open Source Intelligence (OSINT) research, adding even more expertise to the already very experienced Cyber Toolkit team.

Senior Leadership Team

Jonathan Davies

An experienced developer, cyber security expert and volunteer police cyber investigator, Jon serves and CEO of Cyber Toolkit.

Ben Cairney

An experienced developer with specialist expertise in darkweb technologies, Ben serves as CTO of Cyber Toolkit.

Simon Dodd

A certified network security specialist with a strong history in systems engineering, Simon services as Director of Engineering at Cyber Toolkit.

Holly Preece

Our manager of all things social media and website, Holly serves as Head of Marketing of Cyber Toolkit

Andrew Whitbread

An experienced project manager in a range of fields, Andy serves as Customer Communications Manager

Neil Coils

A very experienced technical support engineer, Neil serves and Head of Customer Support

All data held by this scheme is located in ISO27001 accredited data centres in London, no data ever leaves the UK and no personal data is ever shared with any 3rd party organisation. Cyber Toolkit is a wholly-owned system operated by the creators of the software, it is not a patchwork of 3rd party systems like many services available today. Cyber Toolkit's team are entirely UK-based and security cleared to SC level or above.

ISO27001

ISO27001 Certified Data Centres

Cyber Essentials

Certified to Cyber Essentials & Cyber Essentials Plus is coming soon.

SC Cleared Staff

All staff SC Cleared by UK Policing.

Our Cyber Toolkit team have successfully managed some of the UK's largest public cyber security services for over a decade without any issues stemming from data security, as a cyber security company it remains our top priority. The software systems used to host and run Cyber Toolkit are subject to regular penetration tests conducted by CHECK accredited, CREST approved external penetration testers in addition to our own rigorous internal testing processes. Any of our users can report issues, questions or concerns to us from within our system using the support centre, we welcome all feedback.

Free-to-use Cyber Tools

Cyber Risk Scoring