The principle of the Security Rating® is to produce a score that represents an organization’s cyber security performance and maturity through an automated, continuous and repeatable assessment based on publicly observable data.

Security Rating® is a solution developed by our partner Board of Cyber. Find out more about the solution at https://www.boardofcyber.io/.

Continuous rating

Non-intrusive rating

Fully automated rating

Multilingual solution

Board of Cyber

RATE

Rate your cyber maturity
and that of your ecosystem

> An automated rating updated daily based on data that is publicly accessible:

  • from 0 to 1000
  • A to E for each of the 6 areas of analysis

> Questionnaires on cyber needs and maturity to complete your rating

MANAGE

Create an ecosystem
of trust

> Single or multi-company dashboards to visualise the performance of your company and/or your partners

> Sector benchmarking

> Synthesis and detailed reports

> Complete archive of your ratings

IMPROVE

Improve both yours and your
ecosystem’s performance

> Concrete and detailed explanations of every detected problem

> Recommendations and best practices for each area of analysis

> Understand different levels of severity in order to identify what actions need to be prioritised

Almond

ACCOMPANY

Accompany you
in the implementation

> Onboarding of companies on the platform (presentation of the Security Rating® & work around the evaluated perimeter)

> Support in the use of the Security Rating® by the experts and analysts of the Service Center

> In option:

  • Steering committees (quarterly or semi-annually),
  • Accompanying the evaluated companies to complete the questionnaire(s)

The 6 areas of analysis

control measures and performance measures
Attack Surface

Identifies the entry points that an attacker could potentially exploit to gain access to information

Messaging

Verifies the presence of technical solution limiting identity theft and interception of exchanges as well as the presence of open relay type services

Web TLS/SSL

Inspects aspects related to the hardening of web components: certificates, security headers, ciphers and SSL vulnerabilities

Vulnerabilities

Collects body of evidence allowing the components used to be deduced.
With this information, Security Rating® deduces the existence of vulnerabilities on the assessed perimeter

Security Control

Inspects an attacker’s ability to forge Domain Name Configuration (DNS) entries in order to direct visitors to a malicious site

Discovered Security Incidents

Interconnected to the SOC Threat Intelligence bases, Security Rating® reports security events discovered among the assets present in the perimeter mapping

Is the Security Rating® right for me?

bulle-noire-1

CISO

Understand how your organization contributes to the risk of its ecosystem and manage the cyber risk of its subsidiaries

bulle-noire-2

Purchasing department

Assess the cyber maturity of your suppliers and partners with continuous and objective monitoring of their cyber performance

bulle-noire-3

Private equity

Assess the cyber risk of your portfolio and the cyber maturity of your future investments

bulle-noire-4

SMB

Understand how your organization contributes to the risk of its ecosystem and give confidence to your customers

bulle-noire-5

Risk Manager

Facilitate the underwriting of cyber insurance; make cyber risk understandable to your Board, integrate cyber risk into your risk management

bulle-noire-6

Insurance broker

Help your customers and prospects to subscribe to a cyber insurance in the best conditions

bulle-noire-7

Insurer

Assess the cyber maturity and performance of your customers or prospects who are considering purchasing cyber insurance

bulle-noire-8

And more…

BANKS
M&A
AUDITORS
RATING AGENCIES

Almond's Security Rating® Service Center

Almond’s Security Rating® Service Center is a team of operational and legitimate cybersecurity consultants whose goal is to support you in your day-to-day use of the solution.

Manage the Security Rating® program initiated with your subsidiaries / participations / suppliers / partners

Prepare and deploy Security Rating® assessments, in batch or on demand

Define the relevant perimeters for each of the companies evaluated by the Security Rating®

Implement your customized questionnaires in the Security Rating® platform (optional)

Introduce the Security Rating® to your partners and suppliers by conducting kick-off meetings or webinars

Identify assets that were not previously identified, refine and optimize mapping

Support end-users in the use of the Security Rating® platform (consumption monitoring, advice on results interpretation…)

Accompany your subsidiaries / participations / suppliers / partners in completing the questionnaires

Reporting the results of the Security Rating® program through quarterly or semi-annual steering committees

Provide an external view of the remediation plans implemented by your subsidiaries / participations / suppliers / partners

Propose or respond to specific needs, for example, by being a single point of entry for tailor-made composite offers

Offer personalized support to each of the evaluated entities by drawing on all the expertise offered by Almond

Three packages and several options

Security Rating® is a solution developed by our partner Board of Cyber. Find out more about the solution at https://www.boardofcyber.io/.

Slide >> CONTACT US <<