Got plenty of feedback (perhaps more than i can process). People trying and using eramba seem mostly to be consultants, security managers (some curious auditors too). I want to thank you all for the ideas and motivation that keeps us moving forward!
This is what you can expect from eramba version 1.2 (release will be in mid September):
- Improved Dashboards
- Better “Summaries” of Security Services, Risks, Projects, Etc. It’s now easier to see “a glimpse” of where we are.
- eramba has the information needs to answer tricky questions. I’ve been working on linking that information better and exploring graphical ways of representing it. I think we did a step forward…the questions I wanted to reply are:
- How much risk we mitigate?
- How much money we spent mitigating risks? Which are the most expensive Risks?
- How complaint we are with XYZ?
- Where do we fail the most? (Compliance wise)
- Which are the critical controls? (Compliance wise)
- How much each Security Services cost (money and resources)?
- How many times the controls failed an internal audit?
- How much Risk each of them mitigates?
- How much compliance they deal with?
- Improved Security
- you now can authenticate eramba users with your Active Directory
- we reviewed input validation on key areas such as authentication and authorisation
- Improved Compliance & Audit Modules
- got many “auditors” asking for a way for them to audit companies and keep records
- the compliance module now calculates compliance instead of asking you to do it
- New Functionalities
- email notifications for the calendar … it drops an email when an item (a Risk expiring, an audit coming, Etc) needs to be looked at.
- Workflows. On some parts of the system (mostly Risk and Security Services) we are adding a workflow so changes on them (approved, design, Etc.) can be reviewed by different people.
I’m trying to get all this sorted out with some help by mid September .. we’ll see how we do!
Enjoy – Esteban