Skip to main content
Back to home
AI assessment

AI assessment for cybersecurity analysts

Rubric-graded, human signed-off. Not a quiz generator.

Try it free

Free plan - no card required.

Scorafy is the assessment-feedback layer for cybersecurity bootcamps and academies. It reads a learner's actual submission - an incident report, a written threat analysis, a lab write-up, uploaded evidence or a recorded walkthrough - then scores it against your own rubric with cited evidence taken from the work. An instructor reviews every result and signs off before it is recorded, so no judgement is made by software alone. It is not an LMS or a lab platform - it reads the analysis the way an instructor would and handles the grading and feedback alongside the tools you already use.

What you assess for cybersecurity analysis skills

  • Triaging an alert or incident correctly, including prioritising by real risk rather than treating everything as critical
  • Reasoning through a threat - what the evidence suggests, what is still unknown, and what the next investigative step should be
  • Writing a clear incident report with timeline, impact, root cause and containment, suitable for a non-technical stakeholder
  • Recommending proportionate, justified controls or remediation rather than a generic checklist
  • Following process and documentation correctly, including chain-of-evidence handling and what to escalate and when

A worked rubric criterion

You define the criteria and levels. Scorafy grades each answer against them, with the evidence.

Criterion

Triages a security incident and decides on a response

1Not yet competent - misreads the severity, jumps to a conclusion without evidence, or recommends a response that is disproportionate or skips containment
2Competent - assesses severity against the evidence, follows the triage process, contains appropriately, and documents the reasoning and the next steps clearly
3Exemplary - prioritises against real business risk, separates what the evidence shows from what is assumed, recommends proportionate containment and remediation, and flags the gaps that need further investigation

Why a quiz won't cut it

A multiple-choice quiz can confirm a learner knows the phases of incident response, but it cannot show whether they would triage a real alert sensibly, reason from incomplete evidence, or write a report a manager can act on. Security skill is judgement under uncertainty, and it lives in how a learner analyses an incident and explains their decisions. Scorafy grades that open-ended evidence against your rubric, so you assess the reasoning, not whether they memorised a framework.

Written, video, audio or file

A recorded walkthrough adds real value in cybersecurity because explaining an investigation is part of the job. A learner can upload a screen recording walking through how they investigated an incident in a lab, plus the written report and uploaded evidence such as logs or screenshots. Scorafy assesses the walkthrough and the documentation together against your rubric, so a learner who reasons through the investigation clearly is assessed on that reasoning.

A qualified person signs off

Scorafy drafts the scoring against your rubric and references the evidence. A qualified assessor reviews every result, overrides anything, and finalises it. The AI score is kept alongside the human-final score as an audit trail, so no decision is solely automated and every result can be explained.

Compliance and defensibility

Bootcamp results decide whether a learner is signed off as job-ready, so the human check matters. Scorafy is built compliance-first under the GDPR and the EU AI Act, which is doubly relevant in a field where the evidence itself can contain sensitive data. An instructor reviews and signs off every result - there is no solely-automated decision about whether a learner has met the standard. Every score keeps an audit trail showing the cited evidence and the instructor who confirmed it.

Frequently asked questions

Can Scorafy assess an incident report or a lab write-up?

Yes. A learner can submit a written incident report, a lab write-up, uploaded evidence and a recorded walkthrough. Scorafy reads all of it as evidence against your rubric, cites what supports each judgement, then an instructor reviews and signs off.

Does it run security tools or analyse live systems?

No. Scorafy does not run tools or scan systems. It assesses the learner's analysis, reporting and reasoning against your rubric. Run the labs and tools in your own environment, then assess the write-up and walkthrough in Scorafy.

Does software decide whether a learner passes?

No. Scorafy drafts the scoring against your rubric and shows its reasoning, but an instructor reviews, can override any score, and signs off before the result is recorded. No pass decision is made by software alone.

How is sensitive evidence in submissions handled?

Scorafy is built compliance-first under the GDPR and EU AI Act, with an audit trail on every result. You set the rubric and your instructors control what is recorded, so any sensitive data in submitted evidence is handled within your existing obligations.

Related

For coding bootcamps and skills academiesScorafy vs TestGorillaScorafy vs Coassemble

See it on your own rubric

Start free, build one rubric, and run a real submission through it before you decide.

Get started freeTry the demo