Free Tool
Security Controls Gap Checker
Check your IT security controls against Cyber Essentials Plus requirements. Identify specific gaps and get a prioritised remediation checklist.
Your Security Controls
Tick each control you have in place. Unchecked items will be flagged as gaps in your Cyber Essentials Plus compliance.
1. Firewalls & Internet Gateways
2. Secure Configuration
3. User Access Control
4. Malware Protection
5. Patch Management
Cyber Essentials Plus Technical Requirements
| Control Area | Key Requirements | CE+ Test Method | Common Failures |
|---|---|---|---|
| Firewalls | Boundary config, host-based firewalls on all devices | External vulnerability scan | Open ports, default credentials |
| Secure Configuration | Hardened builds, no default passwords or unnecessary services | Authenticated scan, manual check | Default passwords, unnecessary services |
| Access Control | Least privilege, individual accounts, MFA on cloud | Account review, cloud service check | Shared accounts, excessive privileges |
| Malware Protection | Real-time protection, automatic updates, on-access scanning | Malware detection test | Outdated signatures, disabled scanning |
| Patch Management | 14-day critical patches, no end-of-life software | Vulnerability scan, version check | Missing patches, EOL software |
Based on the NCSC Cyber Essentials Plus requirements. This tool provides guidance only and does not guarantee certification. Contact Cloudswitched for professional CE+ certification support.
More Free Tools
Try our other free security assessments and IT planning tools.