Informed Security

"Our era draws a sentiment of superiority from the volume of information available, whilst the true element of judgement must relate to the manner men achieve to mould and rule the information they possess" (Goethe, 1780)

In order to obtain a safe system it is necessary to coordinate and organize every single information referring to the system status, the risks, the assets' value, the assets functioning within the company processes, the attack techniques, the technologies available, and reporting these afterwards in a suitable way, to the several offices and professionals: technicians, system administrator, department chiefs, security operators.

The approach to security must combine information not only to allow a priority scale on events , but, most importantly, to obtain an assessment of these elements in a system that considers the non technical elements such as inner policies, the Laws in force, and the company processes connected to the event. This becomes strictly important within complex IT networks, , working 24 hrs/day, located in different continents, where operators speak different languages.

A "measurement" of the security becomes, thus, strategic, due to comprehension and labeling of all the network events and as a focal point to base on the intervention policies. This also allows easy assessment of the remediation plan.

eMaze | informed security

Informed Security

PCI DSS Certification

Download our documentation

In-depth documentation on security topics