- Draw the model with the intuitive web inteface
- Import and adjust data through the API
- Specify the business impact of problems at primary asset
- Select existing mitigations from standard controls
- Network paths and data flows are automatically found
- Threats are identified following the web of attack paths
- Risk levels are computed from threat likelihood and business impact
- Mitigations are proposed, drawn from a detailed knowledgebase
Analysis & Export
- See the highest risk threats and view the causes
- Implement suggested controls to lower the risk level
- Export a full technical assessment
- Create SOC-2 and ISO 27001 compliance reports (in progress)
SPYDERISK combines a comprehensive system model with an innovative machine reasoning technique and a detailed knowledgebase of threats and control strategies to create an unsurpassed view of the risks to a system.
Discover all of the threats facing your systems. Sort by risk or likelihood, filter by asset and view the causes and effects.
Implement suggested control-strategies on an asset-by-asset level, or add control strategies on a system-wide level. Risks are automatically recalculated following control addition, allowing you to focus on the biggest risks to your systems.
Advanced Risk Modelling
Cutting-edge risk calculation methods based upon over 7 years of academic research by a highly skilled team at The University of Southampton.
NewsTweets by SPYDERISK
The innovative risk calculation and modelling techniques at the heart of SPYDERISK are the result of over 7 years of research by Professor Mike Surridge and others at the University of Southampton IT Innovation Centre.
Dr. Stephen C Phillips
Prof. Mike Surridge
Head of Research