Adriano Leite
Founder · CEO
Built and ran Cliffside Cybersecurity advisory before Cybereen. Two decades across security architecture, GRC, and the unglamorous work of getting boards to act before regulators do.
Built for the messy middle.
Cybereen is the management-system platform for organisations past spreadsheets but not ready to pay for SaaS built around the wrong frameworks. We focus on what AU and UK auditors actually ask about.
THE STORY
We built the platform we wished we'd had.
For years, the same conversation kept playing out across every IT leader we worked with. The board wanted a compliance score. The auditor wanted evidence. The team had a quarterly spreadsheet that nobody had updated. The big-name compliance SaaS was built around SOC 2 and charged in US dollars. Nothing fit.
The honest version: Essential Eight, ISO 27001, APRA CPS 234, and ISO 42001 aren't optional in Australia. Neither is staying under budget. The teams we cared about — small enough to feel every quarter's audit, large enough that one good evidence trail saves a working week — had no real software to lean on.
Cybereen is the platform we needed. Maturity-led, transparent pricing, built around the frameworks our auditors actually walk in with — not the ones US software vendors picked.
We're a small, distributed team based in Sydney and London. We use the product on ourselves. We're ISO 27001 certified, and we treat the next standard (ISO 42001 for AI governance) the same way we treated the last one — read it carefully, ship coverage, document our own application of it.
HOW WE WORK
Principles we won't drift on.
These have all been argued through more than once. They survived.
01 · Standards
Cover the standards your auditors ask about — not the ones US vendors prefer.
Essential Eight, APRA CPS 234/230, ISO 27001/27002, ISO 42001, NIST CSF. If your regulator cares, we plan to.
02 · Pricing
Real numbers on the page. No "contact sales" for the base tier.
Per-user-per-month, AUD or USD. Sticker price matches the invoice. Discounts get applied at quote time, not hidden behind a sales gate.
03 · Maturity-led
ML0 to ML3 — the next step is always obvious.
Compliance isn't a check-box exercise. We grade where you are, surface the highest-leverage next move, and track the climb. No "you have 234 gaps" without context.
04 · AI with purpose
We add AI where it makes operators and auditors faster — never to pad the feature list.
Drafts, mappings, summaries — suggested, never auto-published. The audit trail stays human. We hold ourselves to ISO 42001.
05 · Customer-shaped roadmap
Last six features came from customer calls. Next six are open for vote.
We don't ship features because they're easy. We ship them because someone with a board meeting in three weeks needed them.
06 · Calm voice
No urgency theatre. No "revolutionary." No exclamation marks.
Compliance buyers are exhausted by sales energy. We earn trust by being specific, not loud.
TEAM
A small group, on purpose.
Distributed across Australia and the UK. The people whose names are on the pricing page are the people whose names are on the support replies.
Founding engineer
Engineering · TBA
Coming soon — the platform is built by a small core team. We'll introduce them here as the team becomes public.
Founding designer
Design · TBA
Coming soon — same principle.
OUR POSTURE
We hold ourselves to the same bar.
We run the platform on the same management system we sell. ISO 27001 certified; ISO 42001 actively maintained. Certificates available on request — usually within the hour.
CERTIFIED
ISO 27001
Information Security Management System. Current certificate available on request.
MAINTAINED
ISO 42001
AI Management System. Self-assessed at ML2, audit roadmap in place.
RESIDENCY
Australia East
Customer data stays in Australia. UK residency available on request.
DISCLOSURE
Coordinated
security@cybereen.com. We acknowledge within one business day, fix within agreed SLA, credit reporters.
Want to know if we're a fit?
Same answer for everyone: a 30-minute call. We'll tell you honestly if Cybereen fits your stage — or if you should stay on what you have.