nCrypt Radar

What it is

nCrypt Radar is the umbrella brand for the readiness, scanning, and decision-support tools that nCrypt Malaysia publishes for the Malaysian market. Each tool answers a specific operational question that a head of risk, CISO, head of IT, or business owner ought to be able to answer about their own organisation — without needing a procurement cycle or a six-figure platform contract to do it.

The platform exists because the commodity Malaysian cybersecurity tooling stack — external attack-surface management, compliance tracking, ransomware readiness scoring, and supplier risk — has consolidated around international vendors charging RM 2,000 to RM 50,000 per month. For Malaysian SMEs and mid-market organisations the price gap between "nothing" and "a Bloomberg-priced platform" is often the reason fundamental questions go unanswered. nCrypt Radar closes that gap with a free tier that is genuinely useful, and a Pro tier (in development) that adds saved scans, scheduled re-runs, alerts on drift, and multi-user accounts.

The Radar tools are intentionally aligned to the Malaysian regulatory environment — Bank Negara Malaysia's Risk Management in Technology framework, the Personal Data Protection Act, NACSA's Cybersecurity Act 2024, and the ISO/IEC 27001:2022 Annex A control set. Where a generic tool would test against a US-style baseline, Radar tools score against the controls Malaysian buyers actually have to defend in front of an internal auditor or a regulator.

Why we built it

nCrypt Malaysia's consulting practice spends most of its time with regulated organisations — banks, e-money issuers, payment system operators, healthcare providers, government agencies. Those clients can buy continuous monitoring platforms. The conversation we kept hearing from everyone else — the SME suppliers in their vendor chain, the local fintechs in pre-Series-A, the e-commerce operators with 50 staff — was that the foundational hygiene questions had no affordable answer.

"Are we leaking credentials in our DNS?" "Is our SPF actually configured?" "If we get audited tomorrow for PCI v4.0, where will we fail?" These are not boutique questions. They are operational hygiene. nCrypt Radar exists so that no Malaysian organisation has to skip them because of price.

The free tier will remain free. The Pro tier will fund the continued development of the free tier. That trade — "free for the questions that ought to be free, paid for the operational continuity layer" — is the model.

Accreditation context. nCrypt Malaysia's NACSA Cybersecurity Service Provider licence application is submitted; ISO/IEC 27001:2022 certification audit is in progress; CREST member-firm application is in progress; PCI ASV scanning is offered as applied / partner-delivered. Individual nCrypt consultants hold OSCP, CREST CRT, CISSP, ISO 27001 Lead Implementer, CCSK, and additional certifications.