๐Ÿ‡ฌ๐Ÿ‡ง UK NCSC โ€” CYBER ESSENTIALS

Automate Cyber Essentials
compliance assessment

๐Ÿ“œOfficial source: NCSC Cyber Essentials (UK)

SBCMSP maps 673 external and 200 internal security checks to all 5 Cyber Essentials technical controls. Generate audit evidence, compliance reports, and remediation roadmaps โ€” ready for certification bodies.

Start Free Trial See All Frameworks
5 Technical Controls

Every control. Automated.

Cyber Essentials defines 5 technical control areas. SBCMSP checks every one โ€” automatically, on every scan, with evidence captured for your certification body.

CONTROL 01
Firewalls
Verify boundary firewalls are in place and configured to block unauthenticated inbound traffic. SBCMSP checks for exposed services, open dangerous ports, and missing firewall protections.
PORT-001โ†’025 NET-013 SVC-021 NET-018
CONTROL 02
Secure Configuration
Default credentials changed, unnecessary software removed, auto-run disabled. The SBCMSP Agent runs 200 checks across 14 modules covering Windows, Active Directory, encryption, patching, and applications.
WIN-021โ†’050 REG-001โ†’020 SVC-001โ†’025
CONTROL 03
User Access Control
Accounts use least privilege, admin accounts are protected with MFA, and standard accounts are not granted admin rights unnecessarily.
USR-001โ†’030 AD-023โ†’052 M365-015โ†’039
CONTROL 04
Malware Protection
Anti-malware solutions are installed, active, and up to date. SBCMSP verifies AV registration, real-time protection status, and definition age across all agent-monitored endpoints.
APP-012 APP-013 CVE-032 WIN-034
CONTROL 05
Patch Management
Operating systems and software are patched within 14 days of a security update. SBCMSP tracks OS EOL status, software versions, pending reboots, and Windows Update health.
CVE-020โ†’050 CVE-040 CVE-041 WIN-042
Evidence Vault

Audit-ready evidence, automatically captured

Every scan generates timestamped compliance artifacts stored in the SBCMSP Evidence Vault โ€” ready for Cyber Essentials assessors and certification bodies.

  • โœ“Timestamped scan results for every check in every control area
  • โœ“White-labeled PDF compliance report with CE framework mapping
  • โœ“Remediation audit trail โ€” who fixed what, and when
  • โœ“Evidence export package (ZIP) for assessor submission
  • โœ“Historical score trend showing compliance improvement over time
Cyber Essentials โ€” Compliance Report
PASS
FrameworkCyber Essentials
Domainclient-domain.co.uk
Score84 / 100 โ€” Grade B
Controls Passing4 of 5 (Firewalls, Config, UAC, Malware)
Open Findings3 (1 High, 2 Medium)
Evidence Captured247 artifacts
Scanned2 Jan 2026 ยท 09:14 UTC
Manual vs Automated

Stop doing this manually

๐Ÿ˜ค Manual Cyber Essentials Assessment
โŒSpreadsheet checklists filled in manually per client
โŒScreenshots and manual evidence collection taking days
โŒNo continuous monitoring โ€” compliance drifts between assessments
โŒReassessment from scratch every 12 months
โŒNo remediation tracking โ€” findings get lost in email
โšก SBCMSP Automated Assessment
โœ…673 external + 200 internal checks run automatically daily across all 5 controls
โœ…Evidence captured automatically โ€” timestamped, exportable
โœ…Continuous monitoring โ€” know about drift before auditors do
โœ…Historical trend shows compliance improvement over time
โœ…Remediation tracking with SLA enforcement and assignees

UK government contracts require Cyber Essentials

All suppliers bidding for UK central government contracts involving sensitive data or systems must be Cyber Essentials certified. SBCMSP gives MSPs the automated tooling to prove it.

Start Free Trial