Cyberismo – the open solution for making a difference in cybersecurity

Learn more

The Cyberismo solution is currently available as a technology preview.

Cyberismo is an open-source solution that makes the adoption of cybersecurity management smooth in digital development. With Cyberismo, you can get cyber risks under control faster, and save time and money in your cybersecurity management and compliance efforts. 

 

The solution is currently available as a technology preview.

Make a difference in cybersecurity.

Advantages

Open solution for making a difference in cybersecurity

Easy adoption

  • Get cyber risks under control quickly
  • Shorten the time to compliance
  • Cyberismo guides you every step of the way throughout the implementation
  • Built-in checklists, document templates, risk management, architecture models, evidence gathering, archiving

Automate everything

  • Save time and money by automating cybersecurity management and compliance work
  • Track compliance, produce progress metrics and reports automatically with the logic-based AI engine
  • Integrate Cyberismo to your CI/CD toolchain

Collaborate

  • Save effort by collaborating
  • Collaborate on content – internally and across organisations
  • Convert to other formats
  • Make cybersecurity content easily available to development teams

Solution highlights

Get started quickly with reusable content modules

Reusable content modules will get you started with various cybersecurity related processes and practices in no time at all. You can use one of the open content modules from the Cyberismo company or design your own content modules that cater for the specific needs of your organisation, whether it be secure development processes, architecture management, or information security management.

Reusable content modules support simple content types such as pages or decisions, or they can be arbitrarily complex hierarchies of content types, templates, reports and workflows, such as the complete cybersecurity documentation for a software project.

At the moment, Cyberismo has published open content modules for dataflow diagram creation and for establishing a basic Information Security Management System.

 

Key performance indicators

Automated key performance indicators help you and your team stay focused on what matters. You can define your own key performance indicators, which may be based on, for example, the adoption of process requirements or tracking security-related issues to closure.

See your status clearly

Cyberismo user interface has been designed to highlight the status of your cybersecurity management or compliance efforts, and what should be done next.

No more guessing what is important and what the next steps should be.

Automated policy checks

With automated policy checks, you can let the Cyberismo solution do the heavy lifting of checking whether the documents, tickets and other evidence of cybersecurity management are what you expect them to be.

For example, you can use automated policy checks to ensure that your cybersecurity related work has been tracked to closure for the next product release.

Data flow diagrams and other visualisations

Cyberismo has a powerful reasoning engine that supports visualising the information and relationships with graphs. For example, you can model the architecture and data flows of a software system, and automatically generate data flow diagrams in different levels of abstraction. This Internet banking system dataflow model is based on an example from C4 model (CC BY 4.0).

Produce reports automatically

Compliance is a complex topic that is hard to articulate simply, and it is hard to prove compliance to a standard or regulation with evidence. With the powerful query, reasoning and reporting capabilities of Cyberismo, you can produce various reports and views to the data automatically – automating many parts of evidence gathering and archiving. 

For example, a report might show a list of external communication interfaces, derived directly from the data flow model of architecture.

Components

Tools

  • A local browser app and a command line tool for working with the content
  • The command line tool supports creating static web sites from Cyberismo content
  • Integrates to dev environments and CI/CD tool chains
  • Open source

Content modules

  • Open plain text content format that can be managed in software version control
  • Content can be packaged as reusable content modules
  • The Cyberismo base module provides essentials such as tasks, pages, and decisions
  • With the open-source Cyberismo dataflow module, you can model your architecture and create dataflow diagrams in different levels of abstraction
  • The Cyberismo ISMS essentials module contains the building blocks for establishing an information security management system 

Support and consulting

  • Cybersecurity consulting
  • Solution integration
  • Training
  • Technical support
  • Custom Cyberismo content development

Introduction presentation

Check out this 15-minute presentation from the eSAAM’24 conference for an introduction and a live demonstration of the Cyberismo solution. You can find the conference paper here.

Resources

Source code

Documentation

Contributing

We are currently working out the final kinks in our collaborator agreement, so we are quite not ready for PRs yet. You are welcome to report issues though!