Skip to main content
Tool Sprawl Self-Assessment — Cyberleaf
Security Self-Assessment · Tool Sprawl Diagnostic
Is Your Security Stack Actually Protecting You?
Score each statement honestly. This isn't a test — it's a map of where your risks are hiding. Takes about 3 minutes.
Cyberleaf
Score each:
0
Not in place / don't know
1
Partially / inconsistent
2
Fully in place / confident
0 of 16 answered
— / 32
1
Ownership & Accountability
— / 8
Every security tool in our environment has a named owner responsible for monitoring it.
We have a documented process for who responds to alerts — and that process is actually followed.
Our executives can explain what outcomes our security stack is designed to achieve.
Third-party vendors with network access are tracked and held to defined security standards.
Category total
2
Tool Integration & Visibility
— / 8
Our security tools share data with each other — alerts from one inform another.
We have a single pane of glass (or close to it) for reviewing security status across the environment.
We can correlate an alert from endpoint protection with identity and network data quickly.
We know whether each tool is configured to its full capability — not just installed.
Category total
3
Defense in Depth
— / 8
We have defined controls across all four phases: prevention, detection, response, and recovery.
Identity protection (MFA, privileged access) is treated as the highest priority control layer.
We have tested our incident response plan in the last 12 months — not just documented it.
Our backups have been verified — we know how fast we can recover and have tested it.
Category total
4
Risk Awareness & Strategy
— / 8
We maintain a risk register — risks are documented, prioritized, and reviewed regularly.
When we accept a risk, that decision is deliberate and documented — not just overlooked.
We can measure and report security improvement over time with concrete metrics.
We have a written security roadmap — a forward-looking strategy, not just a list of tools.
Category total
Get Your Full Results + Personalized Next Steps
We'll send your score summary and a recommended action plan based on your answers.
Please enter your first name.
Please enter your last name.
Please enter a valid email address.
Please enter your company name.
Please select your state.
Your information is kept private and shared only with Cyberleaf.
Your Assessment Results
/ 32
Score by Category
Your Recommended Next Steps
Ready to turn this into a plan? We'll do the heavy lifting.
Want a copy for your records?
Download a branded PDF of your results — useful for sharing with your team or revisiting later.

This assessment was developed by Cyberleaf based on common security posture patterns across SMB and mid-market organizations.
For questions, visit cyberleaf.io.