Dashboard Overview

Real-Time Project Management

Access to all aspects of the audit process

The dashboard facilitates real-time access to audit data including the scope of work, tasks & milestones, project status, vulnerabilities, fix statuses, reports, compliance reports, application & network map and much more.

Schedule projects on-demand

It allows you to schedule projects including recurring audits on-demand. You can specify details such as time window, credentials, documentation to the audit team as part of the workflow.

Setup custom notifications & alerts

You can set up custom alerts and notifications for each person involved in the project based on role, risk or scope. For example:

  • Daily high-risk issues alerted to the team lead via SMS and E-mail
  • Weekly summary of pending issues for the corporate site to CIO
  • And so on and so forth …

Patch Tracking & Issue Closure

Ensure that all issues are confirmed fixed

The dashboard allows you to mark issues as Fixed, Accepted Risk or Deferred. The issue remains as an open issue until the fix is marked as a “Confirmed Fix” by the audit team. This ensures complete fix assurance on the closure of issues.

Track recurring issues over time

With the help of recurrence tracking, we raise additional alerts in the case a previously closed issue has been identified again. This ensures that root-cause analysis can be conducted to ensure that the issue remains closed in the long-run.

Track patch status in real-time

The patch tracker provides a real-time view of the audit progress and lets you see status updates in real-time as auditors make changes in Lemon.

Management Views

Big Picture View of Pending Risks

Get a big picture view of the entire organization with a focus on pending risks. Drill down to any particular project, domain, time-period etc.

Generate a Compliance Report

Get a compliance report with specific issues, content and format as required by various compliance standards such as PCI DSS, ISO 27001, OWASP Top 10, SBI, CERT-In.

Annual Security Reports

Get an annual security report for the organization analyzing all the activities conducted over the year with a focus on root-cause analysis, recurring trends and patterns.

Download Management Presentations

Get a management presentation with a high-level overview of each audit conducted focusing on high risks, business impact, action items and analysis of audit data.

On-Demand Re-Testing

Automatically verify the effectiveness of fixes

At the click of a button, your developers can verify the effectiveness of a fix and minimize the endless loop between developers and security teams.

On-demand Manual Re-Testing

Once all issues have been marked as fixed, your team can go ahead and schedule a manual re-testing to verify that issues are confirmed fix and no other derivative issues have been created during the closure.

In-Built Training & Knowledge Sharing

Recommendations with code & config examples

Our recommendations come with code and config examples for your specific development languages, platforms environments. This allows a quick TAT for your developers to fix and close issues.

Comprehensive Security Knowledge Base

Developers have access to our comprehensive Knowledgebase with detailed instructions and code/config examples on how to fix issues. This ensures that developers are not just closing issues but learning to eliminate them in the long-run.

Customizable Reports

Generate report variations with various criteria

Create customized reports for any project based on scope, issues, risk, etc. This allows you to generate separate reports for different teams, outsourced partners, internal systems and development teams, etc.

Select or modify your report templates

You can select from a variety of different report templates or even go ahead and create your own customized version of the template with your own internal branding, layout and required information.

WAF / IPS Integration

Immediately mitigate risks with WAF & IPS integration

With a focus on the closure of issues, one of the key and industry-leading features we have included is WAF / IPS Integration in real-time. This allows the Dashboard to push alert or block rules into the WAF and IPS for new issues that have been detected during the audit. This allows you to immediately mitigate the risk posed by the issues until a long-term solution can be put into place.

Bug Tracker Integration

Two-Way Bug Tracker Integration

Two-way bug tracker integration allows your developers to seamlessly work with the dashboard with new issues automatically pushed into the bug tracker and assigned to relevant people. Patch statuses are synchronized between the two and workflow is created to close and re-test issues seamlessly.

Data Analytics

Consolidated & customizable views to analyze data

Analyze audit data across audits and projects and look at current pending-risks across all audits that have been conducted.

Trend Analysis

Analyze patterns and trends of issues identified across audits and time-periods to better understand root causes, improvements and growth.

Extensive APIs

Extensive APIs for Integration

We allow extensive APIs into the dashboard to allow for custom integration points with your internal applications, processes. This includes monitoring tools, deployment scripts, internal reporting engines, SDLC management applications, internal dashboard, bug trackers, etc.

Security Brigade a CERT-In empanelled founded on the core belief that “Great audits are done by great auditors – not expensive tools”. Our proprietary E.D.I.T.E platform provides a workflow based testing engine that encapsulates the complete audit process. It allows expert auditors to focus on in-depth manual testing while assisted by a combination of proprietary, open-source and commercial technology.