Compliance is Mandatory. Boredom is Optional.
One training library that satisfies the security awareness control across seven major frameworks — SOC 2, PCI DSS, ISO 27001, HIPAA, NIST CSF, CMMC, and CIS Controls.
Cross-Framework Coverage
01 / 07
SOC 2
2017 Trust Services Criteria
Satisfies directly
CC1.4 / CC2.2
Security awareness & communication
What the training reinforces
Day-to-day staff behavior is where these controls hold or fail. The curriculum reinforces access control (CC6), monitoring & incident response (CC7), change management (CC8), availability & backup (A1), and vendor risk (CC9).
PCI DSS
v4.0.1
Satisfies directly
Req 12.6
Formal security awareness program
What the training reinforces
Cardholder data is only as safe as the people who handle it. The curriculum reinforces malware defenses (5), secure coding & OWASP (6), least privilege (7), MFA & passwords (8), physical security (9), logging (10), data protection (3), and vendor management (12.8).
ISO 27001
:2022
Satisfies directly
Cl. 7.2–7.3 + A.6.3
Competence & awareness
What the training reinforces
Your ISMS leans on people doing the right thing by default. The training reinforces supplier security (A.5.19–5.22), access control (A.5.15–18), data protection, physical security (A.7), and logging (A.8.15).
HIPAA
Security Rule
Satisfies directly
§164.308(a)(5)
Security Awareness & Training
What the training reinforces
Protecting PHI starts with everyday staff judgment. The modules reinforce administrative, physical & technical safeguards, incident procedures, and device & media controls.
NIST CSF
2.0
Satisfies directly
PR.AT
Awareness & Training
What the training reinforces
Awareness touches every part of your security program, not just one corner. The training reaches all six functions: Govern, Identify, Protect, Detect, Respond, and Recover.
NIST 800-171 / CMMC
DoD / CUI contractors
Satisfies directly
3.2
Awareness & Training family
What the training reinforces
Handling CUI demands disciplined habits from everyone on the contract. The curriculum reinforces access control, audit & accountability, configuration management, incident response, and media protection — for DoD and CUI contractors.
CIS Controls
v8
Satisfies directly
Control 14
Security Awareness & Skills
What the training reinforces
Skilled, aware staff are what make the technical safeguards actually work. The training maps to Controls 3, 4, 5/6, 7, 8, 11, and 15.
Built to HITRUST CSF e1 — the same curriculum carries the awareness layer across all seven.
Engagement-First
Compliance
Finally, a compliance training program built for your company culture. Get engaging security modules designed for your specific industry needs, ensuring you stay audit-ready and secure.
SoulEyez - CLI Toolkit
A powerful command-line toolkit for pen-testers that brings speed, visibility, and intelligence to your offensive engagements.
Available in Free, Paid, and Enterprise tiers.
CyberSoul Security Course
We focus on practical, workforce-ready skills. Let’s keep it straightforward - No BS! It’s real-world knowledge you can use immediately. Beyond CybersecurITy, we empower you with a valuable, transferable skill: Technical Program Management.
SoulEyez - Your Security Tooling Solution
Advanced Pentesting. Built for Modern Workflows.
Security shouldn't stop after an audit. SoulEyez is our proprietary, lightweight command-line interface (CLI) tool designed to bring automated penetration testing directly to developers and IT teams.
Engineered for speed and open-source friendliness, it seamlessly integrates into your existing pipeline to catch vulnerabilities before they become liabilities.
