Skip to content

atilla777/rism

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

954 Commits
app
app
 
 
bin
bin
 
 
config
config
 
 
db
db
 
 
lib
lib
 
 
log
log
 
 
public
public
 
 
spec
spec
 
 
tmp
tmp
 
 
vendor
vendor
 
 
.browserslistrc
.browserslistrc
 
 
.dockerignore
.dockerignore
 
 
.env.development
.env.development
 
 
.env.production
.env.production
 
 
.env.production.docker
.env.production.docker
 
 
.env.test
.env.test
 
 
.gitignore
.gitignore
 
 
.overcommit.yml
.overcommit.yml
 
 
.rspec
.rspec
 
 
.rubocop
.rubocop
 
 
.rubocop.yml
.rubocop.yml
 
 
.ruby-gemset
.ruby-gemset
 
 
.ruby-version
.ruby-version
 
 
Capfile
Capfile
 
 
Dockerfile
Dockerfile
 
 
Gemfile
Gemfile
 
 
Gemfile.backup
Gemfile.backup
 
 
Gemfile.lock
Gemfile.lock
 
 
Gemfile.lock.backup
Gemfile.lock.backup
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
babel.config.js
babel.config.js
 
 
config.ru
config.ru
 
 
docker-compose.yml
docker-compose.yml
 
 
init.sql
init.sql
 
 
nginx.docker.conf
nginx.docker.conf
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
postcss.config.js
postcss.config.js
 
 
puma.service
puma.service
 
 
rails-entrypoint.sh
rails-entrypoint.sh
 
 
rism1.png
rism1.png
 
 
rism10.png
rism10.png
 
 
rism2.png
rism2.png
 
 
rism3.png
rism3.png
 
 
rism4.png
rism4.png
 
 
rism7.png
rism7.png
 
 
rism8.png
rism8.png
 
 
rism9.png
rism9.png
 
 
sidekiq-entrypoint.sh
sidekiq-entrypoint.sh
 
 
sidekiq.service
sidekiq.service
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

RISM - Rails Information Security Management

This application can help you to manage information related to information security (it is like ERP for information security business process).

At now project is not finished yet (but already can be used - if your know what do you do).

Documentation including how to install (draft, russian)

What already released:

  • Organizations management

  • Contacts (user) management

  • Incident accounting

  • Accounting (added manualy in incident response worflow) and enrichment IoC (automaticaly)

  • Port scanning (form RISM server or via remote agent - RA)

  • Vulnerabilities accounting (they just downloaded from NVD site, and enriched by some custom attributes)

  • Agreements accounting

  • Knowledge database module

  • Inform user via email about new IoC, vulnerabilities and articles in knowladge base

  • REST API that can be used to transfer data (IoC) to your other security tools

  • and something else ... Some screenshots:

What planned:

  • Information resources accounting (CMDB)

  • Incident workflow

  • Task management

  • Audits accounting

  • Risks accounting

  • e.t.c.

About

Information security management web application writen with Ruby on Rails

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages