The principle of the Security Rating® is to produce a score that represents an organization’s cyber security performance and maturity through an automated, continuous and repeatable assessment based on publicly observable data.
Security Rating® is a solution developed by our partner Board of Cyber. Find out more about the solution at https://www.boardofcyber.io/.
Continuous rating
Non-intrusive rating
Fully automated rating
Multilingual solution
Board of Cyber
RATE
Rate your cyber maturity
and that of your ecosystem
> An automated rating updated daily based on data that is publicly accessible:
- from 0 to 1000
- A to E for each of the 6 areas of analysis
> Questionnaires on cyber needs and maturity to complete your rating
MANAGE
Create an ecosystem
of trust
> Single or multi-company dashboards to visualise the performance of your company and/or your partners
> Sector benchmarking
> Synthesis and detailed reports
> Complete archive of your ratings
IMPROVE
Improve both yours and your
ecosystem’s performance
> Concrete and detailed explanations of every detected problem
> Recommendations and best practices for each area of analysis
> Understand different levels of severity in order to identify what actions need to be prioritised
Almond
ACCOMPANY
Accompany you
in the implementation
> Onboarding of companies on the platform (presentation of the Security Rating® & work around the evaluated perimeter)
> Support in the use of the Security Rating® by the experts and analysts of the Service Center
> In option:
- Steering committees (quarterly or semi-annually),
- Accompanying the evaluated companies to complete the questionnaire(s)
The 6 areas of analysis
Attack Surface
Identifies the entry points that an attacker could potentially exploit to gain access to information
Messaging
Verifies the presence of technical solution limiting identity theft and interception of exchanges as well as the presence of open relay type services
Web TLS/SSL
Inspects aspects related to the hardening of web components: certificates, security headers, ciphers and SSL vulnerabilities
Vulnerabilities
Collects body of evidence allowing the components used to be deduced.
With this information, Security Rating® deduces the existence of vulnerabilities on the assessed perimeter
Security Control
Inspects an attacker’s ability to forge Domain Name Configuration (DNS) entries in order to direct visitors to a malicious site
Discovered Security Incidents
Interconnected to the SOC Threat Intelligence bases, Security Rating® reports security events discovered among the assets present in the perimeter mapping
Is the Security Rating® right for me?
CISO
Understand how your organization contributes to the risk of its ecosystem and manage the cyber risk of its subsidiaries
Purchasing department
Assess the cyber maturity of your suppliers and partners with continuous and objective monitoring of their cyber performance
Private equity
Assess the cyber risk of your portfolio and the cyber maturity of your future investments
SMB
Understand how your organization contributes to the risk of its ecosystem and give confidence to your customers
Risk Manager
Facilitate the underwriting of cyber insurance; make cyber risk understandable to your Board, integrate cyber risk into your risk management
Insurance broker
Help your customers and prospects to subscribe to a cyber insurance in the best conditions
Insurer
Assess the cyber maturity and performance of your customers or prospects who are considering purchasing cyber insurance
And more…
BANKS
M&A
AUDITORS
RATING AGENCIES
…
Almond's Security Rating® Service Center
Almond’s Security Rating® Service Center is a team of operational and legitimate cybersecurity consultants whose goal is to support you in your day-to-day use of the solution.
Manage the Security Rating® program initiated with your subsidiaries / participations / suppliers / partners
Prepare and deploy Security Rating® assessments, in batch or on demand
Define the relevant perimeters for each of the companies evaluated by the Security Rating®
Implement your customized questionnaires in the Security Rating® platform (optional)
Introduce the Security Rating® to your partners and suppliers by conducting kick-off meetings or webinars
Identify assets that were not previously identified, refine and optimize mapping
Support end-users in the use of the Security Rating® platform (consumption monitoring, advice on results interpretation…)
Accompany your subsidiaries / participations / suppliers / partners in completing the questionnaires
Reporting the results of the Security Rating® program through quarterly or semi-annual steering committees
Provide an external view of the remediation plans implemented by your subsidiaries / participations / suppliers / partners
Propose or respond to specific needs, for example, by being a single point of entry for tailor-made composite offers
Offer personalized support to each of the evaluated entities by drawing on all the expertise offered by Almond
Three packages and several options
