iSAM - Information Security Automation Manager

Description

iSAM is a product developed by Safetech Innovations, in order to ensure automation in the information security management process. By aggregating data into a single application, iSAM provides a quick and clear overview of your organisation's cyber security posture.

The tool addresses these difficulties of the organisations:
• The constantly increasing number of cyber attacks, vulnerabilities and risks,
• The compliance with numerous regulations that requires a large volume of effort and high costs,
• The lack of specialised human resources for information risk management.

The solution will have a positive impact in reducing the operational costs of governance and information security management through a dynamic management of the existing security vulnerabilities and organization's security risks.

iSAM provides the following functionality:

• Inventory of business processes IT services and systems:
- The solution manages your organisation's processes,
- Defines the IT services that support the processes,
- Associates IT systems to one or more IT services,
- Inventory of the IT systems, associated with departments of the organization, in order to manage their risks and vulnerabilities,
- Integration with external CMDB tools;

• Vulnerability management:
- The solution manually and automatically manages a vulnerability registry,
- Displays vulnerability lists and remediation recommendations,
- Maintains a history of vulnerabilities obtained from periodic scans,
- Retrieves information through integration points with external vulnerability scanner tools (Nessus, Qualys, Acunetix or any other similar tools that provide an API interface or data export options),
- Facilitates the management of the vulnerability remediation plans by forwarding the requests to an external IT service desk system and receive status updates in our dashboard,
- Generates vulnerability reports and a vulnerability security score trend graph,
- Generates a security score based on vulnerability severity;

• Compliance and security risk analysis and management:
- The solution implements a threat registry that exploits known application vulnerabilities,
- Provides security risk management, which is the likelihood of a threat materializing,
- Facilitates risk analysis for documenting a security risk,
- Risks are managed in a Risk Register with all risk analyses added,
- Generates exception sheets if the risk cannot be mitigated or eliminated immediately,
- Ease the compliance processes management with controls and policies management, requirements, recommendations, monitoring and compliance summary charts and reports;

• Management of security indicators:
- The solution defines and tracks key performance indicators (KPIs) and risk indicators (KRIs) of processes, allowing early observation of positive and negative developments and facilitating decision-making,
- Automatically register risk indicators from various external tool (SIEM, antivirus console, IDS/IPS, remote logs);

• Incident management:
- The solution implements a security incident log
- Automatically retrieve incident alerts from external security tools,
- Allows attaching records to incidents (MsOffice files, PDF, binaries),
- Sends email alerts when new incidents occur or when the status of existing ones changes,
- Manages the status of security incidents (open, closed, archived),
- Generates security incident investigation reports.
iSAM is delivered as a virtual machine, installs quickly, and once the data has been entered into the inventory module and a vulnerability scan has been performed, a security report can be exported in a few clicks.

In summary, iSAM:
• Is a product developed by Safetech Innovations based on its extensive experience in cybersecurity management and governance,
• Simplifies cybersecurity management, facilitates decision making and compliance requirements of your organization,
• Reduces your costs and increases your operational efficiency.