The open-source solution for conquering cybersecurity and compliance

Manage risks, model threats, track compliance requirements, create and archive documentation, and automate everything with the Cyberismo solution.

Online demo
Download Cyberismo

Advantages

Open-source solution for conquering cybersecurity and compliance

Easy adoption

  • Get cyber risks under control quickly
  • Shorten the time to compliance
  • Cyberismo guides you every step of the way throughout the implementation
  • Built-in checklists, document templates, risk management, architecture models, evidence gathering, archiving

Automate everything

  • Save time and money by automating cybersecurity management and compliance work
  • Track compliance, produce progress metrics and reports automatically with the logic-based AI engine
  • Integrate Cyberismo to your CI/CD toolchain

Collaborate

  • Save effort by collaborating
  • Collaborate on content – internally and across organisations
  • Convert to other formats
  • Make cybersecurity content easily available to development teams

Highlights

Get started quickly with reusable content modules

Reusable content modules will get you started with cybersecurity related processes and practices in no time at all. 

Key performance indicators

Automated key performance indicators help you and your team stay focused on what matters.  

Situational awareness

Cyberismo user interface has been designed to highlight the status of your cybersecurity management or compliance efforts, and what should be done next.

Data flow diagrams and other visualisations

Cyberismo has a powerful reasoning engine that supports visualising the information, such as your solution architecture, as graphs.  

Produce and archive reports automatically

With the powerful query, reasoning and reporting capabilities of Cyberismo, you can produce various reports and views automatically – automating many parts of evidence gathering and archiving.  

Automated policy checks

With automated policy checks, you can let the Cyberismo solution do the heavy lifting of checking whether the documents, tickets and other evidence of cybersecurity management are what you expect them to be.

Reusable content modules
Key performance indicators
Situational awareness
Data flow diagrams
Produce and archive reports automatically
Automated checks

Solution components

Cyberismo application

  • A local browser app and a command line tool for working with the content
  • The command line tool supports creating static web sites from Cyberismo content
  • Security-as-code paradigm: the content is managed in software version control
  • Integrates to development environments and CI/CD tool chains
  • Open source

ISMS essentials

  • Building blocks for establishing an Information Security Management System (ISMS)
  • Tools and content for asset management, risk management and incident management
  • Essential process description templates
  • Open source

Secure development essentials

  • The essential tasks and templates for starting with secure development in a development team
  • Risk assessment
  • Threat modelling
  • Built-in key performance indicators
  • Extensible with the EU Cyber Resilience Act module
  • Open source

Threat modelling

  • Tool for modelling the architecture
  • Automatically created diagrams
  • Supports managing the security issues identified in threat modelling
  • Integrates with a high-level cyber security risk assessment
  • Threat modelling support is included in the open-source Cyberismo Secure development essentials module

Secure development pro

  • Tasks and templates for establishing and maintaining the organisations’s secure development process by a central security team
  • Extends the Secure development essentials module with more tasks and templates for development teams
  • Compliance report and mapping  to the IEC 62443-4-1  standard to support your certification project
  • Commercial content module. Contact us for more details!

Atlassian Jira integration

  • Use the status of Jira tickets in automatic checks by Cyberismo
  • Embed Jira content in your Cyberismo reports
  • Produce Key Performance Indicators and progress metrics that combine data from from Jira and Cyberismo
  • Commercial content module. Contact us for more details!

Support and consulting

  • Support and training to get started with Cyberismo
  • Technical support and maintenance of your Cyberismo tool chain
  • Custom Cyberismo content development – tailoring the material to fit the culture of your organisation
  • Cybersecurity consulting

Solution architecture

The following figure presents the high-level architecture of the Cyberismo solution and gives an overview of how the different pieces work together.

You can read more in the Cyberismo documentation.

Introduction presentation

Check out this 15-minute presentation from the eSAAM’24 conference for an introduction and a live demonstration of the Cyberismo solution. You can find the conference paper here.

Resources

Source code

Documentation

    Demo

    The Cyberismo demo environment provides the quickest way to get hands-on with Cyberismo.