Skip links

Information Security Automation Manager (iSAM)

iSAM streamlines security management activities, manages and monitors IT infrastructure security controls and policies, provides visibility into vulnerability detection and remediation metrics and trends, provides visibility into incident response metrics, and generates reports on security risk indicators of the organization. These features will help your organization improve its security posture, effectively manage its security operations, and meet compliance requirements.

Solution overview

Information Security Automation Manager (iSAM) is a software product developed by Safetech Innovations to provide automation in the information security management process. By aggregating security process-related data in a single application, iSAM provides a quick and clear overview of an organization’s cybersecurity posture.

The product addresses these challenges of organizations:

  • The need for cyber protection – the number of cyber attacks, vulnerabilities and risks is continuously increasing,
  • Fulfilling legal obligations – the need of compliance with numerous regulations,
  • The difficulty of securing the necessary resources – the lack of specialized human resources.
The solution will have a positive impact in reducing the operational costs of governance and information security management through the dynamic management of the company’s environment and security risks.

Key functionalities of iSAM

iSAM provides the following functionalities:

  • Inventory of business processes and IT systems,
  • Vulnerability management,
  • Security risk analysis and management,
  • Security incident management,
  • Management of security indicators.

Inventory of business processes and IT systems

  • The solution manages the processes of the organization
  • Defines the IT services that support the processes
  • Associates IT systems to one or more IT services
  • Performs the inventory of the IT systems, associated with the organization’s departments, in order to manage their risks and vulnerabilities.

Vulnerability management

  • The solution manages a vulnerability registry, both manually and automatically
  • Displays lists of vulnerabilities and remediation recommendations
  • Maintains a history of vulnerabilities identified from periodic scans
  • Retrieve information by integrating with Nessus vulnerability scanner
  • Generates vulnerability reports and a vulnerability security score evolution graph
  • Generates a security score based on the severity of vulnerabilities.

Security risk analysis and management

  • The solution implements a threat registry that exploits known application vulnerabilities
  • Provides security risk management, which indicates the probability that a threat will materialize
  • Generate risk analysis for documenting the security risks
  • Risks are managed in a Risk Register with all risk analyzes added
  • Generates exception sheets if the risk cannot be immediately mitigated or eliminated.

Security incident management

  • The solution implements a security incident registry
  • Allows attaching records to incidents (MsOffice files, PDFs, binaries)
  • Sends email alerts when new incidents occur or when the status of existing ones changes
  • Manages the status of security incidents (open, closed, archived)
  • Generate security incident investigation reports.

Management of security indicators

  • The solution defines and tracks key performance indicators (KPI) and risk indicators (KRI) of processes, allowing early observation of positive and negative evolution and facilitating decision making.

Architecture and Implementation

iSAM installs quickly, in a virtual machine, with a simple process that takes minutes or hours, depending on the volume of data being processed. Once the data has been entered into the inventory module, your IT assets are visible, business processes are categorized and the monthly security level report can be exported in a few clicks.

Main benefits of iSAM

By using iSAM you will get the following benefits:

Positive impact in reducing the operational costs of governance and information security management through the dynamic management of the organization's environment and security risks;

Saving effort and time spent on generating security reports. iSAM will increase the efficiency of the information security management process by consolidating data/information into a single platform that provides automation and a clearer cyber security overview;

Faster and better documented decisions through an integrated platform, easy to configure and use;

Substantial support in the process of compliance with law 362/2018;

The solution will automate and facilitate the definition, implementation and reporting of the Control Indicators specified in Romanian Government Order 1323;

The solution will ensure the foundation of compliance with internationally recognized good practices in the field of information security.

iSAM is highly configurable and is developed based on the extensive experience of Safetech Innovations in cyber security management and governance.