Cyberdesk, Inc

High risk

High risk. Significant audit integrity concerns detected. Recommend obtaining an independent compliance assessment before vendor engagement.

Grade: D

Dimensions

Scored across governance, coverage, security, and transparency.

Flagged signals

45% of all recorded signals are negative.

Observation period

July 15, 2025 - October 15, 2025

2 audit reports referenced.

Trust score

Grade D • High risk

32%

Primary concern

Audit database match

Strongest signal

Web presence

Signal composition

Flags

Neutral

Positive

Analysis

Weighted score breakdown

Contribution shows approximate points each dimension adds to the overall score.

Analysis

Audit Integrity

Impact:HighWeight 35%

1 / 100

0.4 pts contribution

Compliance Coverage

Impact:MediumWeight 25%

35 / 100

8.8 pts contribution

Infrastructure & Security

Impact:MediumWeight 20%

75 / 100

15 pts contribution

Transparency & Governance

Impact:MediumWeight 20%

40 / 100

8 pts contribution

Signal distribution by dimension

Shows where risk evidence is concentrated across the audit dimensions.

Audit Integrity

4 signals

Flags 4

Neutral 0

Positive 0

Compliance Coverage

2 signals

Flags 0

Neutral 2

Positive 0

Infrastructure & Security

3 signals

Flags 0

Neutral 1

Positive 2

Transparency & Governance

2 signals

Flags 1

Neutral 1

Positive 0

Highlights

Top risks

Audit database match

Company found in leaked database of template-based audit reports

Audit Integrity

Multiple flagged reports

2 separate reports found, suggesting repeated engagement with flagged auditor

Audit Integrity

Type 2 report flagged

Type 2 reports require observation period testing - template usage is more concerning here

Audit Integrity

Positive indicators

Web presence

Company maintains a public website

Infrastructure & Security

Transport encryption

Website configured with HTTPS

Infrastructure & Security

Details

Company details

Website: cyberdesk.io
Legal name
Observation period: July 15, 2025 - October 15, 2025
Report types: SOC 2 Type 1, SOC 2 Type 2
Infrastructure: Fly.io

Assessment notes

Public footprint

Public website and branded presence are available for validation.

Coverage view

4 scored dimensions with 11 supporting signals were analyzed.

Analyst takeaway

High risk. Significant audit integrity concerns detected. Recommend obtaining an independent compliance assessment before vendor engagement.

Evidence

Dimension evidence

Detailed evidence behind each dimension score and its underlying signals.

Audit Integrity

Impact: HighScore: CriticalWeight: 35% • Signals: 4

1 / 100

Signals (4)

Flag
Audit database match
Company found in leaked database of template-based audit reports
Flag
Multiple flagged reports
2 separate reports found, suggesting repeated engagement with flagged auditor
Flag
Type 2 report flagged
Type 2 reports require observation period testing - template usage is more concerning here
Flag
Auditor credibility
Audit performed by firm flagged for systematic template reuse

Compliance Coverage

Impact: MediumScore: HighWeight: 25% • Signals: 2

35 / 100

Signals (2)

Info
Single framework
SOC 2 report found, from a flagged source
Info
Report recency
Reports dated within Jan-Dec 2025 observation window

Infrastructure & Security

Impact: MediumScore: MediumWeight: 20% • Signals: 3

75 / 100

Signals (3)

Good
Web presence
Company maintains a public website
Good
Transport encryption
Website configured with HTTPS
Info
Cloud infrastructure
Hosted on Fly.io

Transparency & Governance

Impact: MediumScore: HighWeight: 20% • Signals: 2

40 / 100

Signals (2)

Info
Service description available
System description found in audit reports
Flag
Exception reporting
Zero exceptions reported across all audit periods - statistically improbable, suggests inadequate testing

Explore