Breach Commander™
Unified Incident Management
Document | Lead | Collaborate | Act | Audit | Report
Tabletop Exercises
Cyber Insurance
Compliance
Step by step role-based process
Our web-based software smoothly takes participants through the best course of action.
​
Just enough AI supports our deterministic, repeatable, measurable workflows.
​
You can add you own steps if you wish.
Efficient risk-oriented KPIs
Real-time, detailed metrics and KPIs to drive risk and operational decision making.
Each case is assigned a performance score calculated from several meaningful internal metrics.
Live timeline of events and decisions
Always be ready to recount the story with a 360° view of decisions made, impacts documented, SLOs and more.
​
The timeline is optimized to be printed or exported for convenient reporting or sharing.
Contextual AI support
We've cooked in AI support to provide you just-in-time support related to our deterministic pre-defined playbook items.
​
Our assistant knows what's coming, and acts as a cyber expert to interact with you about business or technical aspects.
Repeatability and auditability at its core
Breach Commander is based on hundreds of deterministic playbook items where the flow can be repeated with precision with the same answers.
Consequently the cases and their metrics can be compared to each other for performance and quality.
The value of Breach Commanderâ„¢
Elite Innovation
Unique on the market, our solution is built on 20+ years of operational experience at dealing with all forms of cyber incidents imaginable.
​
Unique literally means it does not exist anywhere else.​​​​
Bridges the needs of multiple industries
Breach Commander™ does provide a never seen before streamlined incident management platform for security operations teams.
But most of all it is a unified answer to the challenges of several industry verticals:
​
-
Privacy & legal breach coaching
-
Insurance underwriting
-
Auditing & compliance
-
Cyber incident response & forensics providers.
Demonstrated Usefulness
We have developed and refined our solution from real-world incidents and crisis management, including business challenges spanning across the whole enterprise (legal, compliance, insurance, finance, risk management, audit, etc) .
Just the right Amount of AI
Of course we have cooked-in some AI to offer just-in-time assistance on top of our deterministic, repeatable and comparable workflows.
​
And we are doing proper R&D to build our own internal AI models to replace any commercial 3rd party consumption.
Exciting Industry Opportunities
The timing is perfect.
Partnering with Breach Commander™ opens the door to a lucrative positioning in an immature, high-demand and low offer market for proper cyber incident management.
-
Who is the developer of Breach commander?Fullblown Security Consulting is the sole developer of the solution and owns 100% of the intellectual property fuelling it.
-
Why was Breach Commander created?Breach Commander is born from the universal need to properly manage cyber incidents in a simple, collaborative, streamlined, repeatable and measurable fashion. The creator has cooked into the solution his experience of 20+ years of IT, cybersecurity, digital forensics, governance and incident management experience.
-
Which technologies are used to build Breach Commander?Breach Commander is built on the very standard and robust Linux - Apache - MySQL - PHP (LAMP) combination of technologies. The content does not rely on a complex 3rd-party content management system (CMS). We have tried to build everything by hand. First for the pleasure of it; Then we wanted to avoid all the possible external dependencies. The external modules we use are either commercial add-ons provided by their vendors (mapping, AI, font/icons) or very standard programming libraries in PHP.
-
What kind of attention did you give to security aspects in the development?There are 2 aspects to discuss here: Secure Coding and Coding Best Practices We have leveraged security best practices to make sure our code is not only reliable, but absent of vulnerabilities or weaknesses that could compromise its integrity or reliability, including: + Building reusable code and object-oriented programming (OOP); + Validation and sanitation of input data types; + Sanitation of SQL queries (especially coming from user-input data); + Utilization of cross-site request forgery tokens to avoid the replay of our parametered URLs; + Freeing our variables after use; + Salting and hashing of stored credentials; + And more ... Application logic security Breach Commander is built with role-based access controls (RBAC) for access to content and resources. It ensures that users can access restricted data and content only if they have the proper rights to do so. Our authentication enforces multi-factor authentication (MFA) via mobile authenticator at account configuration.
-
Is Breach Commander a multi-tenant solution?Yes. Breach Commander has built-in multi-tenancy. This means that a user can be given granular access rights to various company tenants via the same user account and credentials. This is of particular interest for providers supporting multiple clients like breach coaches, insurers and incident responders.
-
Can the incident timeline be exported to PDF?Yes. The timeline display has been designed with exporting in mind, so that the page prints well and exports/prints to PDF conveniently for inclusion in a report.
-
Does Breach Commander have multiple display themes?Yes. Breach Commander has a light and a dark mode display themes
-
Is it possible to export the audit logs for an incident case?Yes. The audit log review functionality offers the download in standard CSV format.
-
Is it possible to consume the logs, metrics and KPIs via API?Currently no. But this is being worked on for a future release.