Archive

Archive: Publications - 2024

Alpha release of IDPS-ESCAPE

Abstractions Lab released the Alpha version of IDPS-ESCAPE on GitHub.

IDPS-ESCAPE, part of the CyFORT suite of open-source cybersecurity software solutions, addresses various aspects of cybersecurity as an ensemble, targeting different user groups, ranging from public to private and from CIRT/CSIRT to system administrators. The design of IDPS-ESCAPE is targeted to cloud-native deployments, with an eye on CERT/CSIRT-operated monitoring systems.

Click here to read the whole article












Original publication on the itrust Abstractions Lab website
Press release of IDPS-ESCAPE
Technical specification providing end-to-end traceability on GitHub.io
IDPS-ESCAPE on GitHub

itrust Abstractions Lab released the Beta version of C5-DEC on GitHub

itrust Abstractions Lab released the Beta version of C5-DEC on GitHub. This release includes many new functionalities, mainly to assist with Common Criteria evaluations and efficient creation of technical documentation throughout the Secure Software Development Lift Cycle (SSDLC).


We will be happy to receive your feedback at info@abstractionslab.lu

Read the entire news, in english, on itrust Abstractions Lab
Read the translation of the entire news in french, on the itrust consulting website
C5-DEC on GitHub of itrust Abstractions Lab

Publication of OpenTRICK as open source tool

itrust consulting published the open source version of TRICK Service and added it the product list. OpenTRICK is a web-application supporting risk assessment and treatment.


OpenTRICK (formerly called TRICK Service) is a full-featured risk management tool, assisting in assessing risk, planning actions, as required by an ISO/IE 27001 compliant information security management system (ISMS). It accompanies you throughout the whole risk management process; starting with the definition of the risk context, covering risk estimation and treatment, and communicating the results. OpenTRICK prepares you to be certified for ISO 27001, to comply with the requirements of the GDPR, to export the RISK information in the json format requested by the LU regulator ILR or in order to respond to CSSF circular 12/544.

 

It covers a wide variety of features such as quantitative/qualitative analysis of risk scenarios, estimation of Return on Security Investment (ROSI) based on risk reduction factors (RRF), embedding of custom or pre-defined catalogues for rated security controls (27002, GDPR, 22301, IoT, …), multi-user support and access control, import/export, and versioning. It allows several risk assessment for different customers or contexts to share information such security and risk parameters over a central knowledge Base, thus explaining its name TRICK = Tool for Risk management of an ISMS based on a Central Knowledge base. Note that such information, e.g., ISO/IEC 27002 is copyright protection, i.e. cannot be part of this release, but it can be imported easily, based on formatted documents available at ILNAS.public.lu (e.g.) upon acquisition of the standard's copyrights (in near future).

 

OpenTRICK comes with user access management, activity logs, two-factor authentication, and smart input output feature interacting with Word and Excel.

WBaaS request form

Use the following form to register your organization for setting up a reporting channel using WBaaS (Whistleblowing as a Service) of itrust consulting
[wpforms id="13798"]

WBaaS

Whistleblowing as a Service (WBaas)

Description


Whistleblowing as a Service is a service provided by itrust consulting that enables employees to report violations of laws and regulations within an organisation without fear of negative consequences.
Since 17 December 2023 (the activation date of Luxembourgish Whistleblower Law A232), a dedicated channel for internal reporting has been mandatory for companies with over 50 employees and communes with over 10,000 inhabitants. 
Companies wishing to use this service from itrust consulting need to register here to set up a reporting channel.

The website for reporting violations is https://wbaas.itrust.lu
Once your order has been confirmed, your company will be added to the list of partners using this WBaaS reporting service.

How to order the service 'Whistleblowing as a Service' (WBaaS) for your company


  • Based on the details you have provided in the form below, itrust consulting will send you an order document.
  • You can then confirm the order by signing the document and returning it by post. Alternatively, you can scan the signed document or sign it electronically and email it to 'info@itrust.lu'.
  • Please note that the service will only be executed upon receipt of the confirmed and signed order document.
Click here for submitting a webform to request to set up a reporting channel.

Archive

Categories