• Skip to main content
  • Skip to footer
RISKREX – Digital Risk Management – RISKREX

RISKREX - Digital Risk Management - RISKREX

Eine weitere WordPress-Website

  • Start
  • Use Cases
  • Partner
  • Pricing
  • Login

Imprint

Information according to § 5 TMG

AWARE7 GmbH
Munscheidstr. 14
45886 Gelsenkirchen

Commercial register: HRB 14935
Register court: Local court Gelsenkirchen

Matteo Große-Kampmann, Chris Wojzechowski

Contact

Phone: 0209 – 8830 – 6760
e-mail: office@aware7.de

Sales tax ID

Sales tax identification number according to §27 a sales tax law:
DE321457114

Responsible for the content according to § 55 Abs. 2 RStV

Chris Wojzechowski
Bergmannstr. 5
45886 Gelsenkirchen

We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

What’s the score?

 
RiskRex provides companies and government agencies with independent insight into the security behavior and practices of their own organization. If required, supply chains and business partners can also be reviewed.

 

RiskRex evaluates companies on an easy-to-understand 1-100 system for both the overall safety assessment and for individual risk factors. A security evaluation is a measure of the company's security on the Internet.

 

It is based on information collected over the Internet and through RiskRex's proprietary data collection in combination with commercial and open source data sources. Different algorithms are applied against this data to calculate an assessment appropriate to the risk.
 

What does the score mean?

 
Put simply, a company with a high rating of over 73 points is about 5 times more likely to be a victim of cybercrime than a company with less than 33 points. Some individual cases, such as patch levels or application security, are even more meaningful and usually result in a score above 90.
 

Then companies are up to ten times more likely to be potential victims. A high rating does not automatically mean that a company will be successfully attacked tomorrow, but we know that companies with a lower score have a lower risk.
 

How does Risk Rex calculate the score?

 
RiskRex uses externally observable data about compromised systems, security measures, user behavior and public announcements to calculate a company's security rating.
 
In addition, findings from Internet scans carried out by the company itself are incorporated. All companies - whether they are customers or not - are evaluated according to the same criteria.
 

Why can the score help my company?

 
As you are no doubt aware, "cyber risk is business risk" applies today. However, if this "truism" is too broadly defined for you, you can further break down the meaning of the security ratings with the help of our score.
 

First, you need to know the condition and status of your own infrastructure in order to be able to assess the risk objectively. What is the level of security throughout the company? Can it withstand threats and attacks? How much budget should we budget for if we want to improve our infrastructure?
 
Today, globally and nationally operating companies are usually not solely responsible for providing a service or technology. Supply chain security ratings help you assess and manage third-party risks that interact with your products, services, networks or other outsourced resources. RiskRex enables companies to audit potential suppliers and identify and inspect problems within their existing supplier or partner network.
 
Finally, there is a growing need and supply for cyber-insurance. The cost of one of these cyber insurances ultimately depends on the cyber strategies of the company that wants to take out the insurance. The lower the risk, the better the price of the insurance. Companies can improve their strategies by incorporating security assessments, tracking improvements to their infrastructure and processes, and demonstrating the lowest possible rating.

Where and how is data collected?

 
RiskRex's security assessments are based on hundreds of different data sources available on the Internet, Dark- and Deepnet.

 

These sources are carefully curated by our technical staff. If new sources are to be added, they are carefully checked. Some sources are proprietary, some are based on partner relationships and some are obtained through open source data. The global threat and vulnerability landscape is constantly changing, so once a source is included in Risk Rex, we constantly review it for accuracy.

 

Is that legal?

 
Yes. All information we collect comes from visible and traceable sources.
 
Our product is non-invasive and does not require its own agents or software to be used. The information we collect is available to anyone who chooses to collect it. Schufa, Moody's, Creditreform and others have set a precedent for the collection of data and the presentation of an evaluation based on it. Similar to these companies that have established industry standards and ratings, our algorithm is based only on objective, verifiable and comprehensible data.
 

How can I improve my score?

 
Our scores are based on historical measurements taken over many years. This means that the score does not necessarily improve overnight.
 
RiskRex provides you with resources and strategies for the various risk vectors found, which you can use to improve your rating. You can also use RiskRex to indicate that you have corrected a weakness, in which case we will not include it in your individual calculation.
 
Is there a way to evaluate the company with regard to BSI Grundschutz, NIST, ISO or other standards?
The framework that enables our assessments can be aligned with the principles of several industry-leading standards - including NIST 800-53, ISO, PCI, HIPAA, BSI Grundschutz and others. This allows you to pre-audit your organization for possible pending certification.
 

Register and use

RISKREX


to uncover technical and human vulnerabilities, close security gaps and track the success of your cybersecurity strategy


Footer

RISKREX

Digital Risk Management

A product of the
AWARE7 GmbH
Munscheidstr. 14
45886 Gelsenkirchen
Imprint | Privacy Policy | GTC | SDP
Login