Questionnaire based wizard that
assists analysts to quickly and easily build customized threat models.
Intelligent validation tools
for checking the model's integrity and completeness. The validation tool
will automatically point to weaknesses in the model and offer corrections
and improvement hints.
Graphic display of threat
model with ‘drag & drop’ editing tools.
Automated updates of domain-specific entity libraries and threat model templates.
Threat models are managed in a
central encrypted database with sophisticated replicas synchronization
enabling several analysts to work on the same threat model simultaneously.
Secured access of users to
parts of threat models and libraries according to permissions and working
roles.
Comprehensive full text search
and advanced OLAP queries that cover all threat models scope.
Merging and splitting of threat models and libraries and importing of model’s entities from external databases and repositories.
Version control that provides
'check in' and 'check out' operations on model’s entities to protect it's
completeness and consistency.
Unlimited historical archive
of threat models versions that supports version branching.
Audit of analysts’ activities, teamwork assignments and enterprise-wide statistics.
Extensive entity libraries for
ISO 17799 - BS 7799 and ISO 27001 enable users to easily develop complete
approval-ready security compliance documents that meet government
regulations and requirements.
Separate data entry screens
for the verification and validation phases.
Specialized wizards for filtering of a master set of regulations and requirements, delivering a specific sub-set of relevant action items in minutes.
***