A cybersecurity lighthouse. Every framework that matters.
Manara delivers a snapshot of cybersecurity posture across the four frameworks that actually drive board decisions — at department and organization level — with the roadmap and funding case the security team can act on Monday morning.
Built for: Built for a cyber maturity engagement where the CISO needed one view for the board and a different view for the team — same data, same day. And needed it to keep delivering value long after the assessment closed.
Most manara engagements end with a deliverable. Manara is what happens when the deliverable is built to keep running instead.
Most cyber maturity assessments are a one-time event. The deck is delivered, the heatmap is admired in the boardroom, and the team is left with a PDF and a feeling. Six months later, the roadmap is stale, the controls have drifted, and the next assessment starts from scratch.
Manara — Arabic for lighthouse — is the cyber posture engine that keeps running. Score maturity across all subcategories of NIST CSF 2.0, then see the same posture mapped to NCA ECC, NIST 800-53, and ISO 27001 automatically. Engagement scoping is built in. People, process, technology, and data are assessed as first-class dimensions, not afterthoughts.
The output is two things at once: an executive maturity dashboard the CISO can take into the boardroom, and the detailed roadmap and funding justification the security team needs to act. Both refreshable by the client, without us. The lighthouse stays lit.
The capabilities that come standard. Every one of them refreshable by your team — no licence, no lock-in, no vendor dependence.
NIST CSF 2.0 · NCA ECC · NIST 800-53 · ISO 27001 — score once, see all.
All four dimensions assessed for every control. No more PPT theatre.
Roll up by function or business unit; drill down to a single subcategory.
Every gap comes with an initiative, an owner, a cost, and a board-ready rationale.
Critical for KSA and the wider EMEA region — assessment and reporting both.
Hand it back. The team re-scores quarterly. The lighthouse stays current.
A walk through the actual product — same screens your team will use after we hand it over.
Start a new engagement against NIST CSF 2.0, NCA ECC, NIST 800-53, or ISO 27001.
Three deployment modes, one product. Your team picks the model that fits the data-sovereignty posture and the appetite for IT.
One HTML file. Opens from disk. Runs offline. No installer, no account, no server. Air-gap ready.
Drop into your department's SharePoint. Your IAM, your access policies, your governance — zero new vendor surface.
Deploy to your AWS, Azure, GCP, or private cloud. Your data never leaves your environment unless you want it to.
Mostafa runs the walkthrough personally. About 40 minutes — enough to see the engagement context, the live product, and how your team would take it over.