Engineered to dynamically scale and adopt, SWORDFISH provides with the necessary content, applications and gear to:
- plan, design, build and orchestrate Enterprise Cyber Security
- integrate with subset security and business systems
- automate, disseminate and streamline security content and procedures
- collect, model and analyze risk and threat related data and metadata using SWORDFISH security ontology.
User and Awareness Management
SWORDFISH serves as the single gateway to the security organization, allowing easy access to corporate policies and execution of security procedures through a centralized and access controlled intranet gateway. The End User Portal is used as the central repository of information throughout the organization. Users can easily access security policies and standards (respecting the corporate classification scheme and the “need to know” principle), and can easily initiate procedures to complete their tasks. In addition, available questionnaires and security polls are very effective and can produce impressive results in terms of security training and awareness, while News, Do’s and Don’ts and Tips & Suggestions content can be pushed across the organization to communicate important information and raise security awareness.
Content, provided by the Governance Component that facilitates the development of new security policies or assists compliance with new regulations can be easily reused and can be tailored to business requirements. A preloaded SWORDFISH Content Library, which includes best-practice policies, security standards, control procedures, workflows, authoritative sources and assessment questionnaires, is also provided. All documentation of the corporate Information Security Framework, including policies, standards and control procedures, is centrally managed. SWORDFISH also provides effective versioning control, document ownership management and a flexible document classification scheme. Policy Manager also includes a form and questionnaire builder facilitating the collection of information through the execution of Workflows across the organization.
The Workflow Manager module facilitates the Design, Testing and Execution of Workflows by the users. With no programming experience required, users can depict the security processes by using a drawing canvas through their browser. SWORDFISH Platform allows the dynamic allocation of tasks to security roles as well as end-users, and defines deadlines, priorities and escalation paths, based on corporate security requirements and regulations. Using its powerful workflow engine clients can develop, define and streamline security procedures.
Using the SWORDFISH platform, all security related corporate assets can be centrally mapped in terms of location, owners, criticality and more. This allows effortless asset decomposition and supports the assessment of asset related risks. Besides classic Asset Management, SWORDFISH supports a concept called “The Universe”. By using this concept, the organization can map in detail all the valuable assets in terms of IT systems, applications, business services or critical products. Additionally, departments, locations and external vendors can be part of the Universe and each entity can be tagged and freely related to one another in order to accurately map the dependencies between them and facilitate risk analysis. The Universe is dynamically coupled with the Workflow engine in order for assets to become an important part during the assessments and other processes running across the organization.
The Compliance component incorporates the Register and Planning modules in order to cover the Compliance Program and Corrective Actions Management and Planning. Compliance dashboards provide an overview of the status regarding organization’s compliance against its own policies, international standards such as PCI, ISO, etc and/or against legal and regulatory requirements.
- Register: By using the Register module of the Compliance component, users can create new non-compliance issues manually or automatically by assessing the results of the compliance assessment questionnaires completed by users, during a compliance assessment. Each non-compliance issue can be categorized, assigned to a user or a group of users and related with one or more Assets from the Universe module.
- Planning: The planning module facilitates the management of the corrective actions for the registered non-compliance issues. Users can create one or more corrective actions for a non-compliance issue, mass-assign these tasks to users or groups and monitor each action’s status, overall progress and budget.
The Vendor Management Component is an extension of the Compliance Management Application and provides with functionality for assessing and tracking compliance of the vendors with the organizations security policy. It effectively streamlines the communication between the stakeholders (information owners, risk management, security management, vendor) in order to assess the security risk of third party providers, track the remediation and security measures aligned with internal requirements and regularly monitor vendor compliance with those requirements.
By using SWORDFISH, organizations can now integrate real time intelligence and replace any static algorithms with real time data. Leveraging SWORDFISH organizations can now adopt dynamic security models that can prevent foreseen and emerging threats as well as provide the ground for effective response and threat elimination and damage containment. Risks can be measured, controlled, avoided or accepted. In real time.
The Risk component incorporates the Register and Manager modules in order to cover the Risk Management requirements of the organization. Risk dashboards provide an overview of the status regarding organizational risks by criticality, category, assignees as well as risks spanning across organizational assets.
- Register: By using the Register module of the Risk component, users can create new risks during a risk assessment process or automatically raise new risks from non-compliance issues and/or vulnerabilities. Each risk can be categorized, assigned to a user or a group of users and be related with one or more assets from the Universe module.
- Manager: The planning module facilitates the management of the mitigation actions for the registered risks. Users can create one or more mitigation actions for a registered risk, mass-assign these actions to users or groups and monitor each action’s status, overall progress and budget.
The Operations component of SWORDFISH provides access to functionality regarding the cyber security operations. This component covers the connection to systems like SIEM, WAF, VMC, UTM and other related technologies. Consolidated Dashboards: SWORDFISH integrates seamlessly with OBRELA’s Swordfish WAF software, providing analytics on customer’s sites traffic information like bandwidth, response times, browser and countries visiting statistics as well as information on blocked requests.
SWORDFISH includes embedded connectors that communicate events to respective correlation engines. The SWORDFISH platform supports special indexing and metadata formats in order to produce meaningful events that can be processed and analyzed using prioritization and correlation techniques. Events that reflect running procedures can be correlated with events that are created by systems, applications and networks, offering a unique ability to understand risk in real time.
The vulnerability management module facilitates the registration of asset vulnerabilities and the management of mitigation actions for each registered vulnerability. Vulnerabilities can either be manually registered or imported into the system as a result of an external scanning tool process. Each vulnerability can be categorized, assigned to a user or a group of users and monitored through the appropriate Dashboards with regards to status, criticality and progress.