Merge branch 'minor-updates' into 'master'

Changed StackSight to Portaregula, gdpr+ to gdpr, capcarap to organization name

Closes #39

See merge request kbr4/riskletpy!59
This commit was merged in pull request #108.
2025-09-11 11:58:22 +00:00
3 changed files with 6 additions and 6 deletions

@@ -14,7 +14,7 @@
<span class="text-accent">Instantly See Your Top 10 Cybersecurity Risks</span>
</h1>
<p class="mt-8 text-lg sm:text-xl text-blue-100 max-w-3xl mx-auto">
RiskLMs intuitive AI platform makes complex cyber risk assessments accessible to everyone, not just experts. Automatic analysis, generate compliant reports (NIS2, ISO, NIST, GDPR+), save time, reduce consultant costs, and ensure continuous security effortlessly.
RiskLMs intuitive AI platform makes complex cyber risk assessments accessible to everyone, not just experts. Automatic analysis, generate compliant reports (NIS2, ISO, NIST, GDPR), save time, reduce consultant costs, and ensure continuous security effortlessly.
</p>
<p class="mt-6 text-lg sm:text-xl text-blue-100 max-w-3xl mx-auto font-semibold">
Download our free white paper showing exactly how Risklet pinpoints critical vulnerabilities for NIS2 compliance and recommends cost-effective controls.
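
Review bot: the changed `<p>` line still names the product "RiskLMs" (no apostrophe) while the next paragraph calls it "Risklet"; since this merge is a naming clean-up, settle on one product name here and write the possessive with an apostrophe. The same sentence also mixes forms ("Automatic analysis, generate compliant reports, ... save time"), so making the list parallel would be a reasonable follow-up.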

@@ -80,7 +80,7 @@
</div>
<div class="article-body">
<p>At StackSight LLC, our relationship with our clients is founded on a bedrock of trust. We understand that in the domain of cybersecurity, the protection of your confidential information is not just a priority; it is a prerequisite. This is why our risk assessment methodology is engineered from the ground up to operate without requiring access to any of your sensitive or confidential data.</p>
<p>At Portaregula LLC, our relationship with our clients is founded on a bedrock of trust. We understand that in the domain of cybersecurity, the protection of your confidential information is not just a priority; it is a prerequisite. This is why our risk assessment methodology is engineered from the ground up to operate without requiring access to any of your sensitive or confidential data.</p>
<p>I wish to provide absolute clarity on how we deliver a precise and actionable risk assessment while upholding this fundamental commitment to your privacy and security.</p>
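
Review bot: the company name in the first `<p>` of `article-body` is replaced as a literal string, so nothing guarantees the rename is complete outside the three files touched here. Before merging, search the repository for remaining "StackSight" occurrences, and consider reading the name from one shared setting so the next rename is a single change. Minor: this paragraph speaks as "we" and the following one as "I".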

@@ -8,7 +8,7 @@
content:
- title: "Executive Summary"
description: |
This Cyber Risk Assessment Report provides a comprehensive evaluation of {{ document.organization.name }}'s cybersecurity posture. The assessment focused on identifying critical risks, prioritizing mitigation strategies, and aligning practices with internationally recognized frameworks such as CIS CSC v8.1, NIST CSF 2.0, ISO 27001:2022, and regulatory requirements including NIS2, DORA, and GDPR. Conducted by StackSight LLC, the assessment leveraged data provided by representatives of {{ document.organization.name }}, insights from consultancy and industry reports, and threat intelligence sources to deliver actionable guidance tailored to {{ document.organization.name }}'s unique operational environment.
This Cyber Risk Assessment Report provides a comprehensive evaluation of {{ document.organization.name }}'s cybersecurity posture. The assessment focused on identifying critical risks, prioritizing mitigation strategies, and aligning practices with internationally recognized frameworks such as CIS CSC v8.1, NIST CSF 2.0, ISO 27001:2022, and regulatory requirements including NIS2, DORA, and GDPR. Conducted by Portaregula LLC, the assessment leveraged data provided by representatives of {{ document.organization.name }}, insights from consultancy and industry reports, and threat intelligence sources to deliver actionable guidance tailored to {{ document.organization.name }}'s unique operational environment.
Key findings from the assessment reveal several areas where {{ document.organization.name }} faces heightened cybersecurity risks, particularly within the domains of phishing, ransomware, vendor risks, and unpatched software vulnerabilities. These identified risks pose significant threats to operational continuity, sensitive data, and regulatory compliance. The top risks are detailed in the findings section of this report.
To address these challenges effectively, a strategic roadmap comprising targeted safeguards is proposed. Each safeguard is prioritized based on its potential effectiveness in reducing both the likelihood and impact of identified risks. Key recommendations include the deployment of advanced email filtering systems, organization-wide enforcement of multi-factor authentication (MFA), implementation of a comprehensive patch management program, utilization of Endpoint Detection and Response (EDR) tools, ensuring frequent and securely stored data backups, and the establishment of robust vendor security standards coupled with continuous monitoring.
Implementation of these recommendations is projected to yield substantial quantifiable and qualitative benefits for {{ document.organization.name }}, including an estimated 75% reduction in financial exposure stemming from cyber incidents through targeted risk mitigation, increased adherence to relevant regulatory mandates, and enhanced operational continuity with significantly reduced downtime during potential cyber events.
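
Review bot: in the Executive Summary `description`, the assessed organization is templated as `{{ document.organization.name }}` but the assessor is still a literal ("Conducted by Portaregula LLC"). A template variable for the assessor (for example a hypothetical `{{ document.assessor.name }}`, which would have to be added to the document model) would keep this file out of future renames.
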
@@ -123,7 +123,7 @@
</table>
</div>
- description: |
Risk Tolerance Range: Scores between 5 and 7 are generally considered within the acceptable risk tolerance range for capcarap, subject to formal acceptance by leadership.
Risk Tolerance Range: Scores between 5 and 7 are generally considered within the acceptable risk tolerance range for {{ document.organization.name }}, subject to formal acceptance by leadership.
- warning: |
Intolerable Risks: Risks with scores of 8 or above are formally classified as intolerable and require immediate treatment.
- subtitle: "Risk Matrix Visualization - Inherent Risk"
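
Review bot: the old `Risk Tolerance Range` line carried a literal organization name, so any report rendered from this template for a different organization would have shown that name; the switch to `{{ document.organization.name }}` is the right fix, but it should come with a check that catches a recurrence. Suggest a test that renders each template with a sentinel organization name and fails if any other organization name appears in the output. The thresholds ("between 5 and 7", "8 or above") are also written into the prose and will drift if the scoring scale changes.
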
@@ -293,14 +293,14 @@
content:
- subtitle: "Disclaimer"
description: |
This report is provided for informational purposes only and is based on the data and information available to StackSight LLC at the time of the assessment. The findings and recommendations contained herein are intended solely to provide guidance to {{ document.organization.name }} in enhancing its cybersecurity posture. Cybersecurity risks are inherently dynamic and subject to continuous evolution. StackSight LLC makes no warranties, express or implied, regarding the completeness, accuracy, or suitability of this report for any specific purpose or outcome. The implementation of the recommendations outlined in this report does not constitute a guarantee of complete protection against all potential cyber threats or incidents.
This report is provided for informational purposes only and is based on the data and information available to Portaregula LLC at the time of the assessment. The findings and recommendations contained herein are intended solely to provide guidance to {{ document.organization.name }} in enhancing its cybersecurity posture. Cybersecurity risks are inherently dynamic and subject to continuous evolution. Portaregula LLC makes no warranties, express or implied, regarding the completeness, accuracy, or suitability of this report for any specific purpose or outcome. The implementation of the recommendations outlined in this report does not constitute a guarantee of complete protection against all potential cyber threats or incidents.
{{ document.organization.name }} assumes full responsibility for all decisions made based on the content of this report and for the implementation, ongoing management, and effectiveness of its cybersecurity controls and risk management program. This report should not be construed as, nor relied upon as, legal or regulatory advice.
- segment_type: "risk_assessment_process"
content:
- title: "Risk Assessment Process - Scales"
description: |
For determining likelihood, StackSight LLC utilizes a commonly referenced scale, presented below:
For determining likelihood, Portaregula LLC utilizes a commonly referenced scale, presented below:
- headers: ["Likelihood Score", "Probability of Happening in a Year", "Descriptor", "Criteria"]
rows:
- ["1", "0-10%", "Rare", "Has never occurred or has not occurred in the prior 10 years. Highly unlikely, but it may occur in exceptional circumstances. It could happen, but probably never will."]
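
Review bot: the Disclaimer `description` now names the assessor twice and the Scales `description` once more, all as literals, so a report re-rendered from this template after the merge will state a different assessing entity than the one it was originally issued under. If already-issued reports can be regenerated, store the assessor name with the document data rather than in the template, and confirm that "Portaregula LLC" is the exact legal entity name intended for the disclaimer.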