CF CyberFrontier Alliance
AI-era cyber resilience

We build the cybersecurity infrastructure Africa and the Caribbean actually get to use.

CyberFrontier Alliance translates frontier AI-era security practice into working SOCs, trained workforces, and compliance engines across emerging markets. Powered by Aegis360AI. Operated by SBTS Group.

7Countries of operation
820+Training courses on TrainingSol
50+MDA participants certified (NC3)
24×7Managed SOC operations
The moment

Frontier AI has crossed a cybersecurity threshold.

In April 2026 Anthropic disclosed that an unreleased Claude model had autonomously discovered decades-old vulnerabilities in every major operating system. The capability to exploit software at machine scale is here. The defensive infrastructure in emerging markets is not.

27 years
Age of an OpenBSD vulnerability autonomously discovered by a frontier model that had no prior knowledge of it.
USD 100M
Committed by Anthropic to coordinated defensive security work with 12 founding industry partners under Project Glasswing.
0
Organizations headquartered in West Africa or the Caribbean among the Project Glasswing launch cohort.

"The capability to exploit software at machine scale is here. The infrastructure to defend against it — in most of our region — is not yet."

Evelyn A. Lewis, CEO, SBTS Group

The gap

Policy exists. Execution does not.

Most African and Caribbean jurisdictions have cybersecurity policies on the books. The missing layer is operational: shared SOC capacity, integrated compliance telemetry, coordinated vulnerability disclosure, and workforce at scale.

Where most jurisdictions are today

  • Cybersecurity policies on the books; enforcement telemetry weak.
  • Implementation capacity concentrated in a handful of institutions.
  • Fragmented vendor tooling with no regulator-routed reporting.
  • Workforce pipeline far below need, especially in SOC and DevSecOps.
  • Coordinated vulnerability disclosure underdeveloped.

Where CyberFrontier + Aegis360AI take them

  • Policies translated into implementable technical standards.
  • Shared-services execution capacity deployable in 90 days.
  • Unified compliance, threat intelligence, and vendor-risk telemetry.
  • ICBM workforce pipeline: Train, Certify, Employ, Advance, at scale.
  • National coordinated vulnerability disclosure infrastructure.
How it fits together

Three layers. Each credible on its own.

A non-profit coalition that convenes and translates. A commercial platform that executes. A delivery organization that operates.

Coalition
CyberFrontier Alliance
Non-profit that convenes regulators, governments, and enterprises across Africa and the Caribbean on AI-era cyber resilience. Translates global practice into regional implementation.
Platform
Aegis360AI
Commercial, multi-tenant cybersecurity and compliance platform: threat intelligence, compliance automation, vendor risk, managed SOC, patch orchestration, vulnerability disclosure.
Delivery
SBTS Group
Operates Vultcore (managed SOC), TrainingSol (820-course LMS, ICBM workforce) and Kallmania (BPO). Runs the NC3 World Bank-funded programme in Sierra Leone.
The Alliance

Five pillars of operationalization.

01
Policy Translation
Africa Implementation Briefs that translate global frameworks, including public Project Glasswing outputs, into regulator-ready language for African and Caribbean jurisdictions.
02
Implementation Support
Shared-services execution capacity: SOC, compliance, CVD infrastructure deployable on 90-day timelines via Alliance member organizations.
03
Workforce Pipeline
ICBM model: Train, Certify, Employ, Advance. Aligned to CompTIA, ISC2, and ISO 27001 pathways. Sixty-percent-plus gender-balance target.
04
Threat Intelligence Federation
Regional exchange on Aegis360AI infrastructure: indicators of compromise, sector advisories, coordinated response across member jurisdictions.
05
Supply-Chain & Open-Source Security
SBOMs, vendor-risk scoring, coordinated patch pipelines. Dedicated support for open-source maintainers across the region.
The platform

Aegis360AI — seven modules, one platform.

Integrated cybersecurity and compliance for regulated enterprises and public-sector institutions. Provider-agnostic AI architecture. Regional data residency in AWS af-south-1.

Threat Intelligence Grid
CISO, national CSIRT
Compliance Automation
Compliance, Internal Audit
Vendor Risk Engine
Procurement, Risk
Managed SOC
CISO, IT Operations
Secure SDLC / DevSecOps
Engineering, AppSec
Patch Orchestration
IT Operations
Vulnerability Disclosure
National CSIRT, Regulators
Aegis360AI uses modern large language models from established providers via the Claude API, AWS Bedrock, Google Vertex AI, and Microsoft Foundry. The platform does not claim access to unreleased research-preview models. When Anthropic publishes Project Glasswing practical recommendations, Aegis360AI will incorporate them into its compliance mappings and defensive operations.
Where we work

Rooted in Africa. Expanding into the Caribbean.

SBTS Group operates today across seven countries spanning anglophone and francophone Africa, with the CyberFrontier Alliance extending the operating footprint into the Caribbean in the next twelve months.

🇳🇬NigeriaActive
🇸🇱Sierra LeoneActive
🇬🇭GhanaActive
🇱🇷LiberiaActive
🇨🇩DRCActive
🇿🇦South AfricaActive
🇮🇳IndiaActive
🇰🇪KenyaPipeline
🇯🇲JamaicaPipeline
🇹🇹Trinidad & TobagoPipeline
Flagship programme

Nigeria National Cyber Resilience Pilot.

A twelve-month integrated programme: a 24×7 managed SOC in Abuja, the Aegis360AI compliance platform with NDPC and CBN CSAT overlays, a national coordinated vulnerability disclosure portal, and a structured workforce commitment of one hundred Nigerian analysts trained and sixty-plus placed in permanent employment.

Indicative budget
USD 9.8M
Duration
12 months
Workforce
100 analysts
Track record

We ship. Then we keep shipping.

50+
MDA participants certified
NC3 World Bank programme in Sierra Leone. Security+, CySA+, PenTest+ delivery with full individual report cards and attendance tracking.
820+
Courses on TrainingSol LMS
Multi-tenant enterprise learning platform with role-based dashboards, operating the ICBM workforce pipeline across seven countries.
7
Countries of operation
Nigeria, Sierra Leone, Ghana, Liberia, DRC, South Africa, India. Headquartered in Washington, D.C.
Live
CBN-ready compliance platform
Full-stack multi-tenant compliance-OS build, deployed at AWS af-south-1 for the Nigerian banking sector.
On the ground

Real people. Real delivery.

Our teams operate across seven countries, building the cybersecurity workforce and delivery capacity this region has needed for a generation. No outsourced interface — we are the operators.

Security Operations
24×7 threat monitoring
Vultcore's managed SOC: continuous detection, triage, and incident response for regulated institutions.
Workforce Training
Certification at scale
NC3 cohorts across Security+, CySA+, and PenTest+, with full report cards and placement tracking.
Compliance Architecture
Regulator-grade platforms
CBN CSAT, NDPC, and sector-specific overlays — designed, built, and deployed with the regulator in the room.
Programme Delivery
Multi-country coordination
End-to-end programme management across Abuja, Freetown, Accra, Monrovia, Kinshasa, and Washington D.C.
Membership

Fourteen ways to join the Alliance.

The CyberFrontier Alliance is a federated coalition — with standing for governments, multilaterals, enterprises, CSIRTs, universities, innovation hubs, professional bodies, schools, open-source projects, individuals, students, and media. Each category has its own governance rights, dues model, and engagement track.

Platform architecture

Enterprise-grade from the first line of code.

Seven-layer reference architecture. Polyglot by design — Rust for the security-critical core, Go for business services, Next.js and TypeScript for the user experience. Multi-region data residency. SOC 2 Type II and ISO 27001 on the roadmap.

EDGE Cloudflare WAF · DDoS · Bot Management L1 FRONTEND Next.js 14 · React Server Components · TypeScript · Tailwind · PWA (offline-capable) L2 API GATEWAY GraphQL federation · OIDC · Rate limit L3 BUSINESS LOGIC · Go Members · Organizations · Forums Events · Training · Dues · Voting Working Groups · Publications L4 SECURITY CORE · Rust Threat Intel Ingestion · Detection Engine CVD Parser · Crypto Ops · Signing DDoS Mitigation · Untrusted Input Parsing L5 DATA LAYER PostgreSQL 16 (multi-tenant, row-level security) · Redis · OpenSearch · Apache Kafka · S3 Object Lock AES-256 at rest · TLS 1.3 in transit · AWS KMS (HSM-backed) · Per-jurisdiction residency L6 INFRASTRUCTURE AWS EKS · af-south-1 (Cape Town) · eu-west-1 (Dublin) · Istio mTLS · Argo CD · Terraform · Vault SLSA Level 3+ · Cosign · SBOM per release · OpenTelemetry · Grafana · Vultcore SOC integration L7 FIDO2/WEBAUTHN · SOC 2 TYPE II · ISO 27001 · QUARTERLY PEN TESTS · PUBLIC BUG BOUNTY
Rust — memory-safe security core
Go — high-productivity business services
Edge + Frontend — public-facing layer
Data + Infra — resilient foundation
Polyglot is deliberate: Rust protects the network-exposed attack surface where memory safety matters; Go and TypeScript deliver the velocity the rest of the platform needs. This is the architecture pattern used by Cloudflare, Microsoft, and AWS — not a single-language identity that trades throughput for ideology.
Phased delivery

Three phases. Eighteen months.

The launch site is Phase 0. The MVP member platform lands in July 2026. Full federation — CVD portal, tiered threat intelligence feed, incident coordination — lands in October 2027.

Complete · April 2026
Phase 0 · Launch site
  • Static launch site, 6 languages, accessible
  • Working contact & application forms
  • Real human imagery, diverse representation
  • Deployed on cyberfrontieralliance.org
Months 1–3 · Launch July 2026
Phase 1 · MVP member platform
  • Member application & review workflow
  • Auth (email + FIDO2/WebAuthn)
  • Member directory, org profiles
  • Basic discussion forums
  • Events calendar, dues, newsletter
Months 4–9 · Launch Jan 2027
Phase 2 · Collaboration
  • Working Groups / SIGs spaces
  • TrainingSol integration, certifications
  • Event ticketing, job board
  • TLP-coded file sharing, GitLab
  • Q&A module, member blog, mentorship
Months 10–18 · Launch Oct 2027
Phase 3 · Federation
  • CVD portal with researcher tracking
  • Tiered threat-intel federation
  • Incident coordination (E2E encrypted)
  • SOC 2 Type II, ISO 27001 certified
  • Governance voting, audited financials
Security & compliance

The platform of a cybersecurity alliance must itself be exemplary.

These commitments are non-negotiable. A preventable breach of the Alliance platform would be institutionally existential — so the operational baseline is engineered for it from day one.

🔐
FIDO2 / WebAuthn
Phase 1 launch
📜
SOC 2 Type II
Year 1 audit
🛡️
ISO 27001
Year 2 certification
🔗
SLSA Level 3+
Supply-chain
🌍
Regional data residency
af-south-1 · eu-west-1
🧪
Quarterly pen tests
Rotating providers
🎯
Public bug bounty
Phase 2 launch
📖
Public security.txt
From Day 1
Events

Upcoming convenings.

The Alliance hosts and co-hosts convenings across Africa and the Caribbean. Members attend free; non-members apply via the event page.

Knowledge

Africa Implementation Briefs.

Regulator-ready translations of global AI-era cyber practice. Signed, versioned, and published for public use. Members get early access to drafts and the ability to contribute.

News & insights

What we're watching.

Partner with us

Three conversations. Ninety days.

We are looking for three kinds of partners in the next ninety days. If you recognize yourself here, please get in touch.

  • Governments & regulators. Ministries of digital economy, national CSIRTs, data-protection authorities, and central banks considering a national cyber resilience pilot.
  • Multilateral & development finance. World Bank, African Development Bank, bilateral donors with cybersecurity and digital-development mandates.
  • Anchor customers & founding members. Regulated banks, telcos, and critical-infrastructure operators looking for an integrated SOC, compliance, and vendor-risk platform with regional delivery.
Evelyn A. Lewis — CEO & Board Chair, SBTS Group LLC
1717 Pennsylvania Avenue NW, Suite 1025, Washington D.C.
elewis@sbtsgroup.com  ·  +1 571-276-2203

Start a conversation

Leave your details and we will respond within three business days.

Thank you. Your message has been prepared — please send it from your email client when prompted.
CF
CyberFrontier Alliance
Member portal · Phase 1 preview
E
Member
CYBERFRONTIER ALLIANCE · MEMBER PORTAL
Welcome back.
A coalition of governments, multilaterals, enterprises, CSIRTs, universities, and practitioners — building AI-era cyber resilience across Africa and the Caribbean.
Alliance members
across 14 categories
Active countries
10
7 active · 3 pipeline
Upcoming events
next 60 days

Recent discussion

Member directory.

Search and filter across the Alliance's fourteen-category membership.

Discussion.

Member-only topical forums. Posts are visible to all approved members.

Events.

RSVP to upcoming convenings.

Working Groups.

Special Interest Groups driving the Alliance's technical and policy agenda.

Africa Implementation Briefs.

Signed, versioned regulatory-ready translations. Members have early access to drafts.

Profile.

Your details as known to the Alliance.

About this preview

This is a Phase 1 preview. In the production platform (July 2026) this page will let you edit your profile, manage FIDO2 security keys, configure notification preferences, download your data under NDPR/POPIA/GDPR, and manage your organization's team members if you are an org admin.