You cannot protect what you cannot see. Asset intelligence and threat visibility start here.
786 Cyber maps your digital footprint, prioritises vulnerabilities by real-world exploitability, and monitors external threats targeting your organisation — giving you the intelligence to act before attackers do.
Why visibility matters
Most organisations are attacked through assets they didn't know they had or vulnerabilities they didn't know were exposed.
Shadow IT, forgotten subdomains, misconfigured cloud storage, and unpatched legacy systems are the entry points that attackers find before you do. Technology & Threats gives you the visibility to find them first — and the context to prioritise what matters.
"The organisations that recover fastest from security incidents are never the ones that were most surprised. They're the ones that had the most visibility — of their assets, their vulnerabilities, and the threats targeting them."
What you get
Three modules. Complete technology and threat visibility.
Modules 3, 5, and 6 together give you a unified view of your asset landscape, vulnerability queue, and external threat environment.
Asset Intelligence & Management
Internal asset registry
Devices, servers, mobile endpoints, IoT, and cloud instances — all catalogued with owner, location, and business criticality rating.
External attack surface mapping
Domains, subdomains, and externally exposed services — continuously monitored for new exposure.
Cloud misconfiguration detection
S3 buckets, Azure blob storage, and cloud services scanned for public exposure and misconfiguration.
PCI scope identification
Cardholder data environment tagged and scoped — essential for PCI-DSS compliance and audit preparation.
Vulnerability Management
Internal CVE scanning
Operating systems, applications, and configurations scanned against the NVD and CVE databases — findings explained in plain English.
CIS Benchmark alignment
Security configuration gaps identified against CIS Benchmarks — showing exactly what needs hardening and how.
Risk prioritisation matrix
Vulnerabilities ranked by exploitability, business impact, and live exposure — not just CVSS score. Focus on what actually matters.
Remediation playbooks
Step-by-step guidance for every finding — links to patches, configuration guidance, and verification steps.
Threat Intelligence & External Monitoring
Dark web monitoring
Company name, domain, executive names, and brand mentions monitored across dark web forums and marketplaces.
Credential breach detection
HaveIBeenPwned integration — continuous monitoring for company email addresses appearing in breach databases.
Domain monitoring
Typosquatting, phishing infrastructure, and brand impersonation domains detected and alerted in real time.
VirusTotal & Shodan integration
Malware analysis, URL reputation, and external infrastructure exposure monitored continuously.
Tech & Threat controls are tagged to compliance frameworks
Vulnerability scanning, patch management, and asset management are explicit requirements in Cyber Essentials, ISO 27001, PCI-DSS, and NIS2. 786 Cyber maps every control — so implementing a vulnerability scan progresses multiple frameworks simultaneously.
Platform features
Technology and threat visibility — including dark web monitoring, credential breach detection, and external infrastructure exposure — available today.
Credential breach monitoring
HaveIBeenPwned integration — free tier available now. Check company domains for exposed credentials in known breach databases.
VirusTotal URL & domain checks
Real-time malware and URL reputation analysis — available now via the free VirusTotal API tier.
Control tagging to frameworks
Patching, asset management, and vulnerability controls tagged to CE, ISO 27001, PCI-DSS, and NIST CSF — progress multiple frameworks with every action.
Risk score
An overall risk score that reflects your technology posture — updated as controls are implemented and threats are detected.
Monthly threat summaries
Monthly reports covering vulnerability status, patch coverage, threat alerts, and outstanding technology controls — delivered automatically.
MSP multi-tenant dashboard
Surface technology risk and threat alerts across every client from one dashboard — coming Phase 3 (Q4 2026) with the full MSP portal.
Framework coverage
Frameworks with significant technology and asset requirements.
Cyber Essentials
Patch management and malware protection are two of the 5 CE control categories. Both require asset visibility.
ISO 27001
Annex A.8 (Asset Management) and A.12 (Operations) require documented asset inventory and vulnerability management.
PCI-DSS
Requirements 6, 11, and 12 require vulnerability scanning, penetration testing, and complete asset inventory for the cardholder data environment.
NIST CSF
The Identify and Detect functions are heavily dependent on asset visibility and threat monitoring capabilities.
See your attack surface clearly.
Start with credential breach monitoring and your asset management controls — available now in the platform.
For MSPs: enquire about the partner programme →
Asset Intelligence
Every asset, in one registry
A complete inventory of every endpoint, application, cloud service, and hardware component in your organisation. Imported automatically from Microsoft 365 or Google Workspace, or uploaded via CSV.
Vulnerability Management
Prioritise by real-world exploitability
Prioritise vulnerabilities by real-world exploitability, not just CVSS score. External scanning via Shodan and VirusTotal, internal CVE tracking, and CIS Benchmark alignment — all in plain English.
Threat Feeds & External Exposure
Continuous external monitoring
Continuous automated monitoring of your external threat landscape. HaveIBeenPwned for credential breaches, DNSTwist for typosquatting, crt.sh for subdomain discovery, and VirusTotal for domain reputation.
Explore all integrations →Security Posture Management
Your whole posture, one dashboard
A live view of your organisation's security posture — compliance scores, open vulnerabilities, identity risks, and threat exposure — all in one dashboard. Track progress over time as you implement controls.