Putting a dollar value on cyber risk
OVERWHELMED BY SECURITY AND VULNERABILITY DATA?
HAVING DIFFICULTY QUANTIFYING LOSS EXPOSURE FROM CYBER RISK?
STRUGGLING TO TRANSLATE TECHNICAL SECURITY DATA INTO BUSINESS OUTCOMES?
What is Corax and how does it keep my business safe?
Corax is cloud-based software that will help you to make decisions and take actions to prevent cyber crime and data loss. It takes information from lots of sources, makes calculations, and presents them in a way that makes sense for your business.
Corax is security operations, analysis & reporting software. It correlates threat intelligence, vulnerability and penetration testing data with relevant business information such as data, IT infrastructure assets, buildings, workspaces and security controls.
The culmination of data sets and associations makes life much easier
Information Security Officer, retailer
I like it because it's simple and focussed
CISO, financial services institution
This makes it simpler. You can quickly get set up rather than take 6 months. It reduces the complexity of spreadsheets and increases visibility at the top-level of the business
Powerful risk calculation engine
Corax makes complex cyber risk and compliance calculations by taking into account the interconnected parts of your business. The results help you see where cyber security problems exist in your business and prioritise action and security investment.
Corax calculates cyber risks to assets and asset dependencies for multiple attack scenarios. It computes the probability and impact of an attack based on complex relationships in physical and IT infrastructure. Those risks can be rolled up to give a high-level view or unrolled to give a granular view. Regardless of what level you choose to view your risk data, Corax clearly presents information about probability, financial impact, risk score and compliance.
Cyber risk and compliance in the context of your business
Corax helps you build a picture of your business – its departments, data, IT, buildings and suppliers – and map the complex relationships that exist between them. This means technical information about cyber risk and compliance is presented in the context of your business, so it’s more accurate and relevant.
Corax helps you build a register of your business functions, vendors, critical data, IT infrastructure, networks, facilities and security controls. You can then map the complex associations between them, automatically calculate financial value and assign ownership of assets. Corax is also a repository of vulnerability scan data and penetration testing data.
Automate data research and aggregation
Corax does the hard work in the background, so you don’t have to
Corax maintains data sets of threat intelligence, vulnerabilities, security controls, data privacy regulations and information security standards. Data sets are aggregated from third party products, open-source information and in-house research. Data sets then feed into Corax cyber risk and compliance calculations.
Actions and workflow driven by you
The Actions section is your prioritized to-do list. Use its ‘Show me…’ feature to see the types of actions that matter to you, like fixing security weaknesses, implementing security measures to be compliant, or deciding to reduce or transfer your cyber risk.
The Actions functionality prioritises workflow to you via human language-based queries. You can customize your actions workflow to suit your working style or role. Cyber risk can be reduced and vulnerabilities remediated, because they’re presented in a logical order.
Complements other security tools
Corax connects to other security software products - if you have them. This makes your cyber risk and compliance scores more accurate. It can also import your existing inventory of computers and software.
Corax integrates via APIs with third party software products for threat intelligence, vulnerability discovery or asset discovery. Corax also supports data imports in CSV, XML and other formats.