Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Cyber Security Works (CSW) is a U.S.-based cybersecurity service provider focused on Attack Surface Management, vulnerability management, penetration testing, exposure management, risk management, compliance, and managed security services. Its materials state that it is a CVE Numbering Authority sponsored by the U.S. Department of Homeland Security, and that it has served more than 400 public- and private-sector organizations across the United States, the UAE, India, and the Asia-Pacific region. It also claims to have discovered 55+ zero-day vulnerabilities.
In terms of protection model, CSW is closer to a combination of “security services + platform” than a standalone security tool. It emphasizes helping customers understand “how vulnerable they are and which issues matter most,” with a focus on vulnerability prioritization and reducing security debt. Its asset coverage includes on-premises network devices, applications, databases, cloud, IoT, mobile devices, web applications, and databases. For deployment, the contract terms cover CSW cloud solutions, software programs, and APIs. Some platform components can be downloaded, installed, and configured, while specific permissions, tiers, and limitations are determined by the order.
On the compliance side, the materials explicitly mention compliance services and CSW’s status as a CVE Numbering Authority, but they do not disclose common certifications such as ISO 27001, SOC 2, or PCI DSS. Information on management and alerting is limited; it can only be confirmed that CSW helps with vulnerability prioritization. Details such as alert channels, ticketing systems, dashboards, and SLAs are not provided. For integrations, the platform includes an API, giving it a basic foundation for system connectivity, but no specific integration list is provided for SIEM, ITSM, cloud platforms, or DevSecOps tools.
Pricing is order-based. Fees for both the platform and professional services are governed by the relevant Order or Statement of Work. Unless otherwise agreed, platform fees for the initial term must be prepaid, renewal fees are due on the renewal effective date, and the default term is 12 months. Payment methods include wire transfer or check, payable to CSW or an authorized reseller. Public pricing is not available, so buyers should clarify asset metering, service scope, deliverables, and renewal terms before procurement.
CSW’s strengths are its coverage across attack surface management, vulnerabilities, penetration testing, compliance, and managed services, along with its CVE and zero-day research background. It is best suited to mid-to-large enterprises, government agencies, and organizations that need external experts to strengthen their security capabilities. Its weaknesses are the lack of public product detail, especially around pricing, alerting, integrations, SLAs, and local support in China.
The materials do not provide information on access from mainland China, payment options, or local compliance, so china_access can only be assessed as unknown. For deployment in China, buyers should carefully test console connectivity, cross-border data handling, payment options, and the contracting entity. Comparable options include Qualys, Tenable, and Rapid7, as well as domestic Chinese vendors such as 奇安信, 绿盟, 安恒, and 启明星辰.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on cybersecurityworks.com official site.
cybersecurityworks.com is an United States Security provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach cybersecurityworks.com directly.