Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Cybernaughts positions itself as a cybersecurity and Agentic AI service provider, but the captured site content mainly showcases security assessment and penetration testing services. These include external vulnerability assessments, internal network penetration testing, Web/API testing, cloud configuration reviews and cloud penetration testing, identity and AD security reviews, and managed continuous vulnerability scanning. One point to note: the About Us section contains a substantial amount of auto repair-related content, which does not align with its cybersecurity positioning. This may be leftover template text or a site content management issue, so its credibility should be verified further.
In terms of protection scope, it covers common enterprise attack surfaces: public IPs, cloud assets, DNS, Web applications, APIs, VPNs, internal hosts, AD/Azure AD, IAM, and object storage configurations. Its methodology emphasizes automated scanning combined with manual testing, with exploitation validation for key findings, such as lateral movement, privilege escalation, Kerberoasting, Pass-the-Hash, IAM abuse, role chaining, and data access testing. Deliverables appear relatively complete, including an asset inventory, vulnerability severity ratings, proof of exploitation, remediation recommendations, an executive summary, and retesting.
The main content does not disclose pricing, packages, payment methods, or project timelines. Its ongoing service model is described as monthly automated scanning combined with quarterly or semiannual manual penetration testing, along with a monthly scanning dashboard, quarterly reports, and SLA-based remediation retesting. However, specific SLA metrics, response times, and support channels are not stated.
The main advantage is its broad service coverage: it can support both one-off assessments and continuous vulnerability management. The cloud security section explicitly mentions tools such as ScoutSuite, Prowler, and Pacu, suggesting a focus on IAM, storage bucket, and privilege-chain risks. The drawbacks are the lack of disclosed compliance certifications, team qualifications, customer case studies, and integration details. The presence of unrelated auto repair content on the official website also undermines its professional image.
It is better suited for companies with public-facing services, SaaS/API products, cloud environments, or AD-based identity systems, especially for pre-launch testing, annual assessments, and retesting before or after compliance remediation. The captured content does not make it possible to assess access from China, and payment methods are not disclosed. For companies purchasing from mainland China, it is advisable to first confirm network connectivity, contracting entity, data export requirements, and report language. Possible local alternatives include DBAPPSecurity, NSFOCUS, Qi An Xin, and Venustech.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on cybernaughts.com official site.
cybernaughts.com is an Unknown Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Limited (proxy recommended). Click "Visit Official Site" to reach cybernaughts.com directly.