KDM Analytics Blade Suite
KDM Analytics Blade Suite
|Company size (employees)
|10 to 49
|Type of solution
KDM Analytics delivers the most efficient approach to risk assessment for cyber and cyber-physical systems. The Blade Suite of products is the only solution to fully automate the security assessment based on the NIST RMF assessment workflow to determine and prioritize viable system attacks with enabling vulnerabilities, security risks, mitigation options. It also performs automated assessment of each mitigation option to calculate mitigated, compliance, and residual risk.
The Blade Suite comprises two products which can be used alone or fully integrated:
Blade RiskManager automates the NIST Risk Management Framework (RMF) Assessment and is a one-stop source to store, assess, manage, and trace all evidence regarding operational and system risk.
The Blade OneReport product improves breadth and accuracy of vulnerability analysis and detection. It is a standards-based platform that integrates the outputs of multiple vulnerability scanners in a single uniform report.
Together, Blade RiskManager and Blade OneReport provide a comprehensive, automated risk assessment that is repeatable across missions and products. This includes:
• Automated risk analysis
• Automated security assessment
• Automated vulnerability detection and analysis
• Provides full traceability – from threat source, through direct or multi-staged attack paths, to vulnerability
• Produces measurement and prioritization that makes it easy to plan how to best leverage the risk management budget and resources for greatest impact.
How we are different
80% COST SAVINGS ON RISK ASSESSMENT POSSIBLE
Clients typically achieve 80% reduction in cost on first use while increasing robustness, completeness of the assessment, and confidence in the outcome.
AUTOMATES THE NIST RMF ASSESSMENT OF CYBER AND CYBER-PHYSICAL SYSTEMS
KDM Analytics Blade Suite produces a comprehensive and systematic security assessment with a high level of confidence in the outcomes. The solution implements:
• Risk assessment based on NIST SP 800-37
• Security Controls based on NIST SP 800-53 and assessment reports in accordance with NIST SP 800-53A
• Risk levels are based on the NIST SP 800-30 risk assessment DOD Risk Management Guide and are computed based on the risk group’s likelihood and impact.
AUTOMATES, PRIORITIZES, AND QUANTIFIES RISK
KDM Analytics Blade Suite is the only solution to employ the most effective security assessment process that includes top-down automated risk analysis followed by guided/targeted bottom-up vulnerability analysis. It answers the key stakeholder question: where should we focus mitigation efforts, resources and budget?
This is achieved through the following fully AUTOMATED capabilities:
• Threat modeling based on the operational and system architecture, followed by direct and multi-stage attack analysis and identification of exposures and operational impacts
• Graphical generation of system architecture, attack tree, and attack paths including risk analysis results (includes scoring)
• Assignment of Security Controls followed by risk computation: raw, mitigated, compliance, and residual risk
• Generation of risk assessment reports including security requirements and non-compliant risk assessment.
AUTOMATES MODEL-BASED RISK ASSESSMENT (MBRA)
Blade Suite leverages system engineering models for the purposes of risk assessment (MBRA). Moving from document-centric to model-centric system engineering practices for describing systems enables the Blade Suite toolset to be seamlessly integrated at the right time. This shifts risk towards early stages of project development. The asset can be assessed before it is built so security is built in, not bolted on.