Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Software logo
  • Vendor
  • About
  • Website
  • Requirements
  • Supported compliance
  • Deployment
  • Environment
  • Industry
  • Application and DevOps Security
  • Asset Inventory and Management
  • Audit and Compliance Management
  • Awareness and Training
  • Backup and Recovery
  • Data Security
  • Endpoint and Device Protection
  • Identity Management and Access Control
  • Incident Response
  • Logging and Threat Detection
  • Network security
  • Posture and Vulnerability Management
  • Risk Assessment and Management
  • Software Bill Of Materials (SBOM)
  • Zero Trust Network Access
  • HIPAA_164.308: Administrative Safeguards
  • HIPAA_164.310: Physical Safeguards
  • HIPAA_164.312: Technical Safeguards
  • HIPAA_164.314: Policies and Procedures and Documentation Requirements
  • NERC_CIP-002-5.1a: BES Cyber System Categorization
  • NERC_CIP-003-8: Security Management Controls
  • NERC CIP Categorisation
  • NERC_CIP-004-7: Personnel & Training
  • NERC_CIP-005-7: Electronic Security Perimeter(s)
  • NERC_CIP-007-6: System Security Management
  • NERC_CIP-009-6: Recovery Plans for BES Cyber Systems
  • NERC_CIP-010-4: Configuration Change Management and Vulnerability Assessments
  • NERC_CIP-011-3: Information Protection
  • NERC_CIP-012-1: Communications between Control Centers
  • NERC_CIP-013-2: Supply Chain Risk Management
  • ISO 27001_Organisational Controls
  • ISO 27001_People Controls
  • ISO 27001_Physical Controls
  • ISO 27001_Technological Controls
  • PCI DSS_Requirement 1: Install and Maintain Network Security Controls
  • PCI DSS_Requirement 2: Apply Secure Configurations to All System Components
  • PCI DSS_Requirement 3: Protect Stored Account Data
  • PCI DSS_Requirement 4: Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks
  • PCI DSS_Requirement 5: Protect All Systems and Networks from Malicious Software
  • PCI DSS_Requirement 6: Develop and Maintain Secure Systems and Software
  • PCI DSS_Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know
  • PCI DSS_Requirement 8: Identify Users and Authenticate Access to System Components
  • PCI DSS_Requirement 9: Restrict Physical Access to Cardholder Data
  • PCI DSS_Requirement 10: Log and Monitor All Access to System Components and Cardholder Data
  • PCI DSS_Requirement 11: Test Security of Systems and Networks Regularly
  • PCI DSS_Requirement 12: Support Information Security with Organizational Policies and Programs
  • MITRE ATT&CK Mitigations (Enterprise) Supported by the Software
  • NIST CSF_GOVERN (GV) - Risk Management Strategy (GV.RM)
  • NIST CSF_GOVERN (GV) - Oversight (GV.OV)
  • NIST CSF_IDENTIFY (ID) - Asset Management (ID.AM)
  • NIST CSF_IDENTIFY (ID) - Risk Assessment (ID.RA)
  • NIST CSF_PROTECT (PR) - Identity Management, Authentication, and Access Control (PR.AA)
  • NIST CSF_PROTECT (PR) - Awareness and Training (PR.AT)
  • NIST CSF_PROTECT (PR) - Data Security (PR.DS)
  • NIST CSF_PROTECT (PR) - Platform Security (PR.PS)
  • NIST CSF_PROTECT (PR) - Technology Infrastructure Resilience (PR.IR)
  • NIST CSF_DETECT (DE) - Continuous Monitoring (DE.CM)
  • NIST CSF_DETECT (DE) - Adverse Event Analysis (DE.AE)
  • NIST CSF_RESPOND (RS) - Incident Management (RS.MA)
  • NIST CSF_RESPOND (RS) - Incident Analysis (RS.AN)
  • NIST CSF_RESPOND (RS) - Incident Response Reporting and Communication (RS.CO)
  • NIST CSF_RESPOND (RS) - Incident Mitigation (RS.MI)
  • NIST CSF_RECOVER (RC) - Incident Recovery Plan Execution (RC.RP)
  • NIST SP 800-53 (Low)_Access Control
  • NIST SP 800-53 (Low)_Awareness and Training
  • NIST SP 800-53 (Low)_Audit and Accountability
  • NIST SP 800-53 (Low)_Assessment, Authorization, and Monitoring
  • NIST SP 800-53 (Low)_Configuration Management
  • NIST SP 800-53 (Low)_Contingency Planning
  • NIST SP 800-53 (Low)_Incident Response
  • NIST SP 800-53 (Low)_Identification and Authentication
  • NIST SP 800-53 (Low)_Maintenance
  • NIST SP 800-53 (Low)_Media Protection
  • NIST SP 800-53 (Low)_Risk Assessment
  • NIST SP 800-53 (Low)_System and Services Acquisition
  • NIST SP 800-53 (Low)_System and Communications Protection
  • NIST SP 800-53 (Low)_System and Information Integrity
  • NIST SP 800-53 (Low)_Supply Chain Risk Management
  • NIST SSDF_Prepare the Organization (PO) Implement Roles and Responsibilities (PO.2)
  • NIST SSDF_Implement Supporting Toolchains (PO.3)
  • NIST SSDF_Define and Use Criteria for Software Security Checks (PO.4)
  • NIST SSDF_Implement and Maintain Secure Environments for Software Development (PO.5)
  • NIST SSDF_Protect Software (PS) Protect All Forms of Code from Unauthorized Access and Tampering (PS.1)
  • NIST SSDF_Provide a Mechanism for Verifying Software Release Integrity (PS.2)
  • NIST SSDF_Archive and Protect Each Software Release (PS.3)
  • NIST SSDF_Produce Well-Secured Software (PW) Design Software to Meet Security Requirements and Mitigate Security Risks (PW.1)
  • NIST SSDF_Review the Software Design to Verify Compliance with Security Requirements and Risk Information (PW.2)
  • NIST SSDF_Reuse Existing, Well-Secured Software When Feasible Instead of Duplicating Functionality (PW.4)
  • NIST SSDF_Create Source Code by Adhering to Secure Coding Practices (PW.5)
  • NIST SSDF_Configure the Compilation, Interpreter, and Build Processes to Improve Executable Security (PW.6)
  • NIST SSDF_Review and/or Analyze Human-Readable Code to Identify Vulnerabilities and Verify Compliance with Security Requirements (PW.7)
  • NIST SSDF_Test Executable Code to Identify Vulnerabilities and Verify Compliance with Security Requirements (PW.8)
  • NIST SSDF_Configure Software to Have Secure Settings by Default (PW.9)
  • NIST SSDF_Respond to Vulnerabilities (RV) Identify and Confirm Vulnerabilities on an Ongoing Basis (RV.1)
  • NIST SSDF_Assess, Prioritize, and Remediate Vulnerabilities (RV.2)
  • NIST SSDF_Analyze Vulnerabilities to Identify Their Root Causes (RV.3)
  • Periodic compliance activities supported by the Software
  • The Software store, process, or transmit
  • The Software requires to be integrated with other systems impacting the cybersecurity or compliance of the customer
  • Software modules implemented
  • Software vendor Third-Party Service Providers (TPSPs) used
  • Support a BES Reliability Operating Service (BROS)
  • In Electronic Security Perimeter (ESP)
  • External Routable Connectivity (ERC) Scope Impact
  • In Physical Security Perimeter (PSP)
  • With Electronic Access Point (EAP)
  • Accessibility Attributes
  • Connectivity Attributes
  • Software secure development lifecycle
  • The Software vendor provides support during installation or set-up
  • The Software vendor provides an implementation guide to assist customers in securely setting up the application
  • Cardholder Data Environment (CDE) Systems (in-scope for PCI DSS)
  • Connected-to and/or security-impacting systems
  • Out-of-scope Systems