NCG // NEURALCIBERGUARD SAIT · INFORMATION SECURITY EST. 2026 · CALGARY AB
SAIT · Information Security · Capstone 2026

We are NCG — four students defending small business.

NeuralCiberGuard builds GuardEndDev Suite (GEDS): affordable, enterprise-grade cybersecurity across endpoint, mobile, network, and web — unified in one AI-assisted dashboard.

Nathaniel · Charles · Nicholas · Abdel — ISS Diploma 2026

Team
04 students
Surfaces
05 protected
Program
ISS 2026
Product
GEDS
NeuralCiberGuard copper shield
01 / TEAM
The Team

Four students, one security suite.

All in SAIT's Information Security (ISS) Diploma, graduating 2026 — each owning one protection surface of GEDS.

A

Abdel

Lead · Dashboard + AI-IR
ISS Diploma 2026
  • Team lead & multi-tenant dashboard
  • AI incident-response assistant
  • Web app security, identity, cloud
N

Nathaniel

Desktop · AI-EDR
ISS Diploma 2026
  • Linux EDR, 7 MITRE rules
  • Anomaly detection + ransomware canary
  • Malware analysis, forensics
N

Nicholas

Mobile · PhishGuard
ISS Diploma 2026
  • Android scam-SMS detection
  • SIM-swap alerts, on-device privacy
  • Mobile security, on-device ML
C

Charles

Sentry · Network
ISS Diploma 2026
  • Raspberry Pi deception tripwire
  • Honeypot, Wi-Fi/RF, LoRa alerting
  • Network security, hardware, IoT
02 / CAPABILITIES
Capabilities

Skills & Tools

The combined proficiency across the team, and the tools we actually work with.

Core Proficiency
Web Security (WordPress / WAF) 82%
Security Documentation & Triage 80%
Windows Server / Active Directory 74%
Network Security Fundamentals 72%
Malware Analysis & Forensics 68%
Python / Scripting 62%
Tools & Platforms
Kali LinuxWiresharkNmap / MasscanMetasploitBurp SuitesqlmapVolatility 3AutopsyGDB + pwndbgGhidraROPgadgetpwntoolsSysmonSysinternalsWordPress SecurityWordfence / WAFWindows ServerActive DirectorySecurity OnionMITRE ATT&CKTryHackMeHackTheBoxPythonJavaScript / TypeScriptSQLHTML/CSSGit / GitLabCisco Packet Tracer

GitHub Foundations

GitHub · 2025 · Completed

AZ-900 · AZ-500

Microsoft Azure · In progress

CCNA 200-301

Cisco · In progress

CompTIA CySA+

CompTIA · Planned

SSCP

ISC2 · Planned

GIAC GSEC

GIAC · Planned

03 / TERMINAL
Interactive · Built by the team

The NCG terminal.

A live shell we built for this site — type a command to explore the team, the products, and the build. Try help.

ncg@neuralciberguard: ~interactive
ncg@guard:~$ whoami
Four SAIT Information Security students building GuardEndDev Suite. Type help to see what this terminal knows.
ncg@guard:~$

A real interactive component — commands run in your browser, nothing is sent anywhere.

04 / WORK
Work · Selected

Selected Projects

Academic and operational security work — from penetration testing to two years of production defence.

01
Network Security Audit
Academic penetration test — reconnaissance, open-port analysis, and unpatched-exposure identification, delivered as a prioritised remediation report with CVE references and MITRE ATT&CK mappings.
Security AuditNmapKali LinuxReporting
2025ACADEMIC
02
SQL + JavaScript CRUD Web App
Full-stack interactive application built security-first: input validation on every field, parameterised queries, and clean data flow from UI to database with no information leakage on errors.
Secure DevJavaScriptSQLValidation
2025CODING PROJECT
03
WordPress Security Hardening
Two years of weekly production security work — WAF tuning, malware scanning, plugin/CVE monitoring, 2FA/CAPTCHA, and monthly backup-and-recovery drills. Real WAF, real malware, real recovery.
OperationalWordPressWAFIncident Docs
2023–25PRODUCTION
04
GuardEndDev Suite — Capstone
The team's flagship: five protection surfaces (endpoint, mobile, network, web, dashboard) unified into one AI-assisted, multi-tenant platform. Full write-up below.
CapstoneNext.jsPythonMITRE ATT&CK
2026TEAM · FLAGSHIP
05 / ROADMAP
The Path

Classes & Roadmap

A structured path through the ISS program — click any phase to expand. [dates/courses: confirm with your SAIT records]

Complete

Lab & Dev Environment

+

Isolated lab built with virtual machines, Kali Linux, Windows Server, and a structured project repository. Public portfolio online.

VirtualBoxKali LinuxWindows ServerGit
Complete

Secure Networking Fundamentals & OS Internals

+

Networking fundamentals, OS internals, and computer architecture. Cisco Packet Tracer labs, IP addressing, ACLs, subnetting.

Complete

Offensive & Defensive Networking + Web App Security

+

Attack/defence techniques, web vulnerabilities (DAST), and security practice within the Canadian legal context.

Complete

Social Engineering, Compliance & Encryption + Scripting

+

Social engineering, compliance and encryption, and scripting for security tooling.

Complete

Security Policies & Operations + Statistics

+

Governance frameworks, policy writing, risk-assessment methodology, and the statistical thinking behind data-driven security decisions.

Complete

Wireless Security · IoT · OS Exploitation

+

Wireless attack vectors (WPA2 cracking, rogue APs), IoT attack surface, and OS-level exploitation techniques.

In progress

Malware Analysis & Computer Forensics

+

Static/dynamic malware analysis, PC-format & sandboxing, disk/memory forensics, and evidence chain of custody.

Next up

Cloud + Detection Engineering · Capstone Showcase

+

Cloud security focus, detection engineering, and the Tech CapCon capstone showcase (Aug 2026): first green pipeline, Sentry on real hardware, signed release.

06 / INTEL
Intel / News

The threat landscape.

Keeping current isn't optional — it's the job. A live global attack map, and the sources we actually follow.

LiveGlobal Cyber Threat Mapsource: Check Point ThreatMap

Live feed embedded from Check Point's public ThreatMap. If it doesn't load in your browser, open threatmap.checkpoint.com directly.

Community

r/cybersecurity

The largest practitioner-run community — tools, careers, and breaking news, unfiltered.

Investigative

Wired Security

Long-form journalism on state-sponsored attacks, zero-days, and policy.

Daily News

The Hacker News

High-volume threat intelligence and CVE coverage — active exploits and new malware.

Investigative

Krebs on Security

Brian Krebs — the gold standard in cybercrime investigation, fraud, and botnets.

Technical

BleepingComputer

Best technical coverage of ransomware campaigns, malware analysis, and Windows security.

Research

SANS ISC

Daily threat diaries from SANS instructors — technical, dense, and current.

Enterprise

Dark Reading

Enterprise threat intelligence and vendor research — the business side of security.

Daily News

Cybernews

Fast-moving daily coverage of data breaches, ransomware, and threat-actor activity.

Operative Arsenal · 68 tools

Cybersecurity Tools Lab

Professional-grade tools across network security, application testing, cloud defence, incident response, SIEM/SOC, threat intelligence, OT/IoT, and forensics — every tool a working security engineer actually uses. Filter by discipline:

WiresharkNmap / ZenmapSnort 3SuricataSolarWinds NPMZeek (Bro)tcpdumpPRTG Network MonitorMasscanpfSense / OPNsenseNetworkMinerntopngBurp SuiteOWASP ZAPCheckmarx SASTVeracodesqlmapSnykSemgrepNiktoGobuster / ffufSonarQubeAcunetix (Invicti)Prisma CloudAWS Security HubMicrosoft Defender for CloudLaceworkProwlerTrivyFalcoScoutSuiteAWS GuardDutyCheckovTheHiveSANS SIFT WorkstationMISPXplicoVelociraptorCortex XSOARCyberChefPlaso / log2timelineSplunk Enterprise / SIEMMicrosoft SentinelElastic Security (ELK SIEM)WazuhSecurity OnionIBM QRadar SIEMGraylogOpenCTIMaltegoShodanYARAVirusTotalSigma RulesDragos PlatformClarotyNozomi NetworksGreenbone / OpenVASTenable OT SecurityFirmwalkerArmisPLCScan / RedpointVolatility 3AutopsyGhidraPEStudioANY.RUNBinwalk
Browse the full Tools Lab · 68 tools →
07 / GAME
Interactive · Teaching Platform

Security training games.

Learn real attack techniques by playing. Our flagship — Cyber Traversal — leads a growing library of hands-on security games, all on our games hub.

Real 2025–2026 attack techniques — ROP chains, supply-chain compromise, process injection, LotL/LOLBins — mapped to MITRE ATT&CK and the NIST NICE Workforce Framework. Live CVE feed, XP system, skill tree, and a tool arsenal.

11
threat zones
35
missions
9
operative classes
3
play modes

Three modes: Professional (full security-tool guide) · Senior / Consumer Awareness (GrapheneOS + consumer app guidance) · Industry Threats (sector case studies for Healthcare, Finance, Retail, Education).

Enter the Games hub →
Project Capstone Product

GuardEndDev Suite — the whole picture.

One suite, one backend, one AI assistant. Five protection surfaces feed a single multi-tenant dashboard — a small business sees one incident, not ten disconnected alerts.

Guardian Desktop

Linux AI-EDR — 7 MITRE rules, anomaly ranking, ransomware canary mesh.

▹ Nathaniel

Guardian Mobile

Android PhishGuard — on-device scam-SMS & SIM-swap detection.

▹ Nicholas

Guardian Sentry

Raspberry Pi deception tripwire — honeypot, Wi-Fi/RF, LoRa.

▹ Charles

Dashboard + AI-IR

Unified alerts + a plain-English AI incident-response assistant.

▹ Abdel (Lead)

Guardian Web

Edge WAF / IDS / IPS — web attacks join the same incident thread.

▹ Team

How it works

  • Every surface signs its events (HMAC / JWT) into the dashboard
  • Postgres row-level security isolates each customer's data
  • A correlation engine threads related alerts into one incident
  • AI-IR explains it in plain English — read-only, fully audited

What we built

  • Three-layer tenant isolation, CI-tested
  • One enforced AI boundary — read-only tools, injection canary
  • Device kill-switch + tamper-evident audit log
  • Signed .deb + hardened systemd unit; 19-job security pipeline
5
protection surfaces
7
MITRE ATT&CK rules
1
unified incident view
$0
demo runs in mock mode