Introduction to the CSIS SAAS Platform

Introduction to the CSIS SAAS Platform

CSIS[1] is a web application for managing the security of a set of applications and infrastructures in a collaborative manner.

It helps :

·       Cybersecurity analysts to present and organize vulnerabilities ;

·       Developers, system and software architects and more generally anyone involved in the development cycle to understand the vulnerabilities that must be corrected within the framework of the development cycle of an application and infrastructures;

·       Managers of development teams and security managers (CISO, product owner) to manage the advancement and management of cybersecurity of assets in their portfolio.

CSIS makes it possible to bring together the occurrences of vulnerabilities collected from various scanners and utilities on the market (Qualys, ZAP Proxy, Burp Suite, Nessus, manual collection, etc.).

CSIS makes it possible to group (aggregate) the occurrences of vulnerabilities into aggregates. The occurrences of vulnerabilities are grouped according to their common points (type of vulnerability, category, remediation solution, etc.).

CSIS makes it possible to organize and represent these aggregates in scan type reports or pentest-type reports. The reports present a managerial summary for decision-makers and a technical view of the aggregates with more technical details.

Each aggregate can be associated with a remediation action that will be assigned to one or more people in the development cycle.

These remedial actions may have dependencies.

Use a Mozilla FireFox (v75 or higher), Google Chrome (v82 or higher) browser. Other browsers may work but have not been tested.

[1] CSIS : Computer Security Information System.

    • Related Articles

    • CSIS Certification Process

      Ready to be recognized for your information security know-how?  CSIS certifications are designed to prove your level of knowledge and use of the CSIS SAAS Platform.  Training for your certification prepares you to install, configure, and operate your ...
    • CSIS Certified Analyst

      Introduction To be certified as a CSIS Analyst, you will have to follow a one day training course, and pass an examination. Training Overview The Training is divided in two parts : General Présentation : - Introduction - Features - Technical solution ...