|
 |
|
|
|
itrust Abstractions Lab released the Alpha version of SATRAP-DL on GitHub.
Developed in the context of the SATRAP-DL subproject of CyFORT, SATRAP (Semi-Automated Threat Reconnaissance and Analysis Platform) is an open-source, cross-platform software for computer-aided analysis of Cyber Threat Intelligence (CTI) through automated reasoning.
Click here to read the whole article
Please complete the form below to request the relevant ISO/IEC file prepared by itrust consulting: [wpforms id="13505"]
Download the Free Standards Excel Files for Easy Use:
[wpdm_package id='13626']
[wpdm_package id='13565']
[wpdm_package id='13567']
Abstractions Lab released the Alpha version of IDPS-ESCAPE on GitHub.
IDPS-ESCAPE, part of the CyFORT suite of open-source cybersecurity software solutions, addresses various aspects of cybersecurity as an ensemble, targeting different user groups, ranging from public to private and from CIRT/CSIRT to system administrators. The design of IDPS-ESCAPE is targeted to cloud-native deployments, with an eye on CERT/CSIRT-operated monitoring systems.
Click here to read the whole article
itrust Abstractions Lab released the Beta version of C5-DEC on GitHub. This release includes many new functionalities, mainly to assist with Common Criteria evaluations and efficient creation of technical documentation throughout the Secure Software Development Lift Cycle (SSDLC).
We will be happy to receive your feedback at info@abstractionslab.lu
itrust consulting published the open source version of TRICK Service and added it the product list. OpenTRICK is a web-application supporting risk assessment and treatment.
OpenTRICK (formerly called TRICK Service) is a full-featured risk management tool, assisting in assessing risk, planning actions, as required by an ISO/IE 27001 compliant information security management system (ISMS). It accompanies you throughout the whole risk management process; starting with the definition of the risk context, covering risk estimation and treatment, and communicating the results. OpenTRICK prepares you to be certified for ISO 27001, to comply with the requirements of the GDPR, to export the RISK information in the json format requested by the LU regulator ILR or in order to respond to CSSF circular 12/544.
It covers a wide variety of features such as quantitative/qualitative analysis of risk scenarios, estimation of Return on Security Investment (ROSI) based on risk reduction factors (RRF), embedding of custom or pre-defined catalogues for rated security controls (27002, GDPR, 22301, IoT, …), multi-user support and access control, import/export, and versioning. It allows several risk assessment for different customers or contexts to share information such security and risk parameters over a central knowledge Base, thus explaining its name TRICK = Tool for Risk management of an ISMS based on a Central Knowledge base. Note that such information, e.g., ISO/IEC 27002 is copyright protection, i.e. cannot be part of this release, but it can be imported easily, based on formatted documents available at ILNAS.public.lu (e.g.) upon acquisition of the standard's copyrights (in near future).
OpenTRICK comes with user access management, activity logs, two-factor authentication, and smart input output feature interacting with Word and Excel.
Use the following form to register your organization for setting up a reporting channel using WBaaS (Whistleblowing as a Service) of itrust consulting
[wpforms id="13798"]
itrust consulting in collaboration with CyFORT launched its Standards Distribution Initiative, aimed at providing standards file and other helpful files in Excel format. These files are designed for seamless integration with popular open-source tools like Ariana and OpenAriana, OpenTrick. The initiative enables organizations to easily generate policies, conduct risk assessments, perform audits, and more, all while leveraging the power and flexibility of open-source solutions.
By offering standards in a standardized Excel format, itrust consulting simplifies the process of aligning with international standards and enhances the effectiveness of risk management and compliance activities. This initiative supports a wide range of applications, ensuring that businesses can efficiently manage their ISO-related tasks using the tools they know and trust.
Click for downloading free to use excel files
Click here for submitting a webform to request ISO/IEC standards file by license holders
Open source Java API for MONARC (Optimised Risk Analysis Method), which allows risk information from other sophisticated risk management tools such as TRICK Service (Tool for Risk management of an ISMS based on a Central Knowledge base) to be imported by facilitating changes to the MONARC JSON data file. The tool has been developed to migrate risk information from several organisations within the scope of NIS into the data format required by the NIS regulator in Luxembourg.
This project conforms to MONARC version 2.12.7. This API reads a JSON data file exported from MONARC and gathers information by interpreting a subset of such a file and creating Java objects from the elements it can interpret from the exported JSON data file.
Furthermore, after the Java objects have been processed by this API, it can export a JSON file compliant with MONARC version 2.12.7.
The tool has been released as open source as part of the CyFORT project initiative, making its main features available for use and inviting further contributions.
