Start with the public tools.
Threat analysis, malware review, SIEM costing, query translation, supplier assurance and more.
Open tool directorySecurity Aid is a non-profit providing free tools, guidance and practical support for SMBs, meaning small and medium-sized businesses. Aid+ premium services fund the free side of the mission and the longer-term aim of running managed security services for SMBs at little or no cost.
Threat analysis, malware review, SIEM costing, query translation, supplier assurance and more.
Open tool directoryFree awareness support, community sessions and the first 4 hours free for advisory-led services.
See service linesAssessment Aid+, Containment Aid+ and Asset Aid+ cover the deeper review and platform workflows.
View Aid+ platformsReduce everyday risk with free role-aware training guidance that turns security advice into practical habits.
View serviceFree practical cyber security talks and workshops for SMBs, students and community groups.
View serviceThird-party and supplier security reviews with 4 free advisory hours before deeper review and evidence analysis moves into Aid+.
View servicePrepare your business to respond calmly and effectively when an incident occurs, starting with 4 free hours of planning and review.
View serviceImprove Microsoft 365, Entra ID and Defender configurations with 4 free review hours before deeper assessment and reporting moves into Aid+.
View serviceSecurity architecture, roadmap and control design work, with the first 4 hours free before moving into paid Aid+ delivery.
View serviceStream large web access or error logs locally, flag suspicious requests, align activity to likely findings and review the output in filterable tables and timeline views.
Open ToolDrop in a HAR file to highlight suspicious requests, injected JavaScript patterns, external infrastructure pivots and investigation priorities.
Open ToolUpload or paste suspicious package malware to recover targeted secret locations, environment variables, file paths, process targets and visible exfiltration indicators without scanning the visitor device.
Open ToolPaste encoded payloads, obfuscated code or suspicious snippets and get the best next CyberChef recipe to try without executing the sample.
Open ToolEstimate log ingestion, retention strategy and likely monthly or annual cost for Sentinel, Splunk and other SIEM platforms.
Open ToolGenerate a practical cyber security questionnaire to send to suppliers, SaaS providers and outsourced IT partners.
Open ToolCritical external asset discovery for internet-facing domains, infrastructure, exposed admin surfaces and newly discovered public assets.
The gated commercial flow is temporarily disabled while the platform tooling is being completed.
Open PlatformOne premium assessment platform where you choose the assessment you need and complete the relevant control review in one Aid+ workspace.
The gated commercial flow is temporarily disabled while the platform tooling is being completed.
Open PlatformPremium containment and mass-compromise review delivery for Azure/M365, Okta and Salesforce environments.
The gated commercial flow is temporarily disabled while the platform tooling is being completed.
Open Platform
A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma Security have shown. The…
Read article