Cyber GRC Ideas Portal
ADD A NEW IDEA

All ideas

Showing 141 of 141

Vector value should be a multiselect in the Threat form.

Vector value should be a multiselect in the Threat form. There can be scenarios where a single threat can be realized through multiple vectors e.g. Hacking attack and loss of data can be done through multiple vectors. Hence, this field should be a...
Guest over 4 years ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

[IT GRC] Unable to trigger GRCF objects from UCF, which were tried earlier, but it was unsuccessful.

Trakr 276726 Unable to trigger GRCF objects from UCF in the following scenario. Steps: MS_ITU_UCF_GRC_F_REFERENCE - Data table - Configured like below. OWNER_ORGANIZATION : CareFirst OWNER : Administrator ---> (Wrong username) 1. Login as SY...
Guest over 8 years ago in IT and Cyber Compliance 1 Release Candidate Available

Support for FAIR risk assessment methodology.

FAIR is a popular framework for IT risk assessments.
Deleted User almost 9 years ago in IT and Cyber Risk 0 Release Candidate Available

Integration with Microsoft System Center Configuration Manager.

Microsoft SCCM is often used as a CMDB within IT organizations. It adds value to import the Asset inventory from SCCM into MetricStream Asset Library.
Deleted User almost 9 years ago in Threat & Vulnerability Management 1 Cannot be considered in the Roadmap

Automatic closure of vulnerability remediation tickets.

For an Asset - Vulnerability pair in scan n for which the Vulnerability is not detected in scan n+1 any ticket that was triggered for this Asset - Vulnerability pair should be closed automatically. There should be a configuration to enable or disa...
Deleted User almost 9 years ago in Threat & Vulnerability Management 0 Need more information

XLS/CSV data upload for Common Threat and Vulnerability Data Model.

In Customer scenarios where an API-connection into a Vulnerability Scanner is not possible or where vulnerability scan results already exist via. business workflows and in the form of a flat-file (CSV or XLS) it adds value to ingest this data into...
Deleted User almost 9 years ago in Threat & Vulnerability Management 4 Cannot be considered in the Roadmap

Default sources should be unlocked in extended forms

When some values are deactivated the data for existing form should be visible with old data. In Questionnaire form "Applies To" field has no Display infolet, if this is enabled for configuration it would help GS team to work themselves
Guest over 4 years ago in IT and Cyber Compliance 1 Cannot be considered in the Roadmap

Configurable connectors

SABB has no asset/CMDB like Atrium. They want the Nexpose connector to create Asset/Asset-Class GRC library from the vulnerability information itself. Creating asset from Nexpose feed through ETL and business criticality to be governed by fields ...
Guest almost 7 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

Data feed from external scanning vendors should be up-loadable and tracked in MSI platform using ISM

SABB employs the services of 2 external vendors to scan the internet facing IP addresses to check for any vulnerabilities. These results (2 different excel formats) should be up-loadable into the system. The external IP can in fact refer to the sa...
Guest almost 7 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

Auto closure of issues if related vulnerability is not active

Issues created by vulnerability scan should be auto-closed if in the subsequent scans, that vulnerability is not active A new source type – External Vulnerability Update to be supported in Issue management app. This feature should be an optional f...
Guest almost 7 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion