What It Does
Built on Sounil Yu's Cyber Defense Matrix — a framework that maps what you have against what you need. Open source, license-free, and free for anyone to use, test, and deploy in their own environment.
Plot your security tools and capabilities across 5 asset classes and 5 NIST functions. See at a glance what’s covered and what isn’t.
Rate each cell from 1 to 5 based on real capability — not vendor promises. Track progress as your program matures.
Stop guessing where you’re exposed. The matrix reveals blind spots that slide decks and sales pitches won’t show you.
Security isn’t a solo effort. Invite your team, share assessments, and get everyone — technical or not — on the same page.
Export structured assessment data that’s safe to share with AI tools. No credentials, no architecture details — just the signal an LLM needs to help you prioritize.
Ecosystem
Every security tool covers different cells. See where the overlap is and where the gaps are — no vendor pitch required.
Cloud-native endpoint protection platform that combines next-gen antivirus, endpoint detection and response, and managed threat hunting.
Covers 5 of 25 cells
AI-Powered
An agentic assistant that reads your projects, finds gaps, and proposes changes — you stay in control.
Provider auto-detected at startup. Set one key and go.
The Problem
Marketing lingo, made-up terminology, and endless vendor consolidation have made it nearly impossible to understand what a security tool actually does for your program. Brands merge, products rebrand, and capabilities get buried under layers of buzzwords.
Sounil Yu created the Cyber Defense Matrix as a way to cut through the noise — a simple 5×5 grid that maps security functions against asset classes. It started as a framework in a book. Cyber Defense Matrix AI turns that framework into a tool any security team can deploy.
This is open source software, built for security teams to run in-house, so you control the sensitive data it collects. Free to use, free to improve, built in the open.
Self-host on your own infrastructure. Full control over your data, your deployment, and your roadmap. No vendor lock-in, ever.
Built on Sounil Yu’s Cyber Defense Matrix — a proven model used across the industry. No marketing whitepapers, just structure.
Free for every security team, from startups to enterprises. Contribute on GitHub and help shape what comes next.
Share your security posture with AI systems without exposing operational details. Structured visibility that’s safe to analyze externally.
Process
Set up a project for your organization and define what you’re assessing.
Walk through all 25 cells. Rate your actual maturity — not where you wish you were. Map the tools you have.
Review your coverage gaps, export reports, and prioritize what to fix based on real data.
Deploy Cyber Defense Matrix AI for your team or try the live demo. Open source, self-hosted, no strings attached.