Cyberismo – the open solution for making a difference in cybersecurity
Open-source tools and content for secure development
Cyberismo is an open-source solution that makes the adoption of cybersecurity management smooth in digital development. With Cyberismo, you can get cyber risks under control faster, and save time and money in your cybersecurity management and compliance efforts.
The solution is currently available as a technology preview, with a working demo.
Make a difference in cybersecurity.
Advantages
Open solution for making a difference in cybersecurity
Easy adoption
- Get cyber risks under control quickly
- Shorten the time to compliance
- Cyberismo guides you every step of the way throughout the implementation
- Built-in checklists, document templates, risk management, architecture models, evidence gathering, archiving
Automate everything
- Save time and money by automating cybersecurity management and compliance work
- Track compliance, produce progress metrics and reports automatically with the logic-based AI engine
- Integrate Cyberismo to your CI/CD toolchain
Collaborate
- Save effort by collaborating
- Collaborate on content – internally and across organisations
- Convert to other formats
- Make cybersecurity content easily available to development teams
Solution highlights
Get started quickly with reusable content modules
Reusable content modules will get you started with various cybersecurity related processes and practices in no time at all. You can use one of the open content modules from the Cyberismo company or design your own content modules that cater for the specific needs of your organisation, whether it be secure development processes, architecture management, or information security management.
Reusable content modules support simple content types such as pages or decisions, or they can be arbitrarily complex hierarchies of content types, templates, reports and workflows, such as the complete cybersecurity documentation for a software project.
Key performance indicators
Automated key performance indicators help you and your team stay focused on what matters. You can define your own key performance indicators, which may be based on, for example, the adoption of process requirements or tracking security-related issues to closure.
See your status clearly
Cyberismo user interface has been designed to highlight the status of your cybersecurity management or compliance efforts, and what should be done next.
No more guessing what is important and what the next steps should be.
Automated policy checks
With automated policy checks, you can let the Cyberismo solution do the heavy lifting of checking whether the documents, tickets and other evidence of cybersecurity management are what you expect them to be.
For example, you can use automated policy checks to ensure that your cybersecurity related work has been tracked to closure for the next product release.
Data flow diagrams and other visualisations
Cyberismo has a powerful reasoning engine that supports visualising the information and relationships with graphs. For example, you can model the architecture and data flows of a software system, and automatically generate data flow diagrams in different levels of abstraction. This Internet banking system dataflow model is based on an example from C4 model (CC BY 4.0).
Produce reports automatically
Compliance is a complex topic that is hard to articulate simply, and it is hard to prove compliance to a standard or regulation with evidence. With the powerful query, reasoning and reporting capabilities of Cyberismo, you can produce various reports and views to the data automatically – automating many parts of evidence gathering and archiving.
For example, a report might show a list of external communication interfaces, derived directly from the data flow model of architecture.
Solutions
Application
Cyberismo tools- A local browser app and a command line tool for working with the content
- The command line tool supports creating static web sites from Cyberismo content
- Security-as-code paradigm: the content is managed in software version control
- Integrates to development environments and CI/CD tool chains
- Open source
ISMS essentials
Cyberismo solution for Information Security Management Systems- Building blocks for establishing an Information Security Management System (ISMS)
- Tools and content for asset management, risk management and incident management
- Essential process description templates
- Open source
Secure development essentials
Supercharge your secure development- The essential tasks and templates for starting with secure development in a development team
- Risk assessment
- Threat modelling
- Built-in key performance indicators
- Extensible with the EU Cyber Resilience Act module
- Open source
Threat modelling tooling
Smooth diagramming and threat modelling- Tool for modelling the architecture
- Automatically created diagrams
- Supports managing the security issues identified in threat modelling
- Integrates with a high-level cyber security risk assessment
- Threat modelling support is included in the Cyberismo Secure development essentials module
Secure development pro
If you outgrow Essentials, we have your back- Tasks and templates for establishing and maintaining the organisations’s secure development process by a central security team
- Extends the Secure development essentials module with more tasks and templates for development teams
- Compliance report and mapping to the IEC 62443-4-1 standard to support your certification project
Atlassian Jira integration
Use content from Jira and Cyberismo together- Use the status of Jira tickets in automatic checks by Cyberismo
- Embed Jira content in your Cyberismo reports
- Produce Key Performance Indicators and progress metrics that combine data from from Jira and Cyberismo
Support and consulting
Never walk alone- Support and training to get started with Cyberismo
- Technical support and maintenance of your Cyberismo tool chain
- Custom Cyberismo content development – tailoring the material to fit the culture of your organisation
- Cybersecurity consulting
Introduction presentation
Check out this 15-minute presentation from the eSAAM’24 conference for an introduction and a live demonstration of the Cyberismo solution. You can find the conference paper here.
Resources
Source code
Documentation
Demo
The Cyberismo demo environment provides the quickest way to get hands-on with Cyberismo.