🐙 intuitem is a French company specialized in cyber security and infrastructure management. We are a team of passionate and experienced engineers, who are dedicated to providing the best solutions to our clients. CISO Assistant is our main product, a one-stop-shop that helps CISOs and cyber security practionners manage their security program. We also provide consulting services and audits. 🚀https://intuitem.comhttps://intuitem.com/whats-new-ciso-assistant-2026-w23https://intuitem.com/whats-new-ciso-assistant-2026-w23Two releases close out the week: v3.17.1 brings a Prometheus metrics endpoint, user-configurable date formats, expanded comments and audit aggregation; v3.17.2 piles on an expanded AI/MCP server, the ABRO framework, a tables column selector, action-plan cost breakdowns, SSO redirect handling, and a big batch of data-wizard, framework-builder, and ordering fixes.Fri, 05 Jun 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w22https://intuitem.com/whats-new-ciso-assistant-2026-w22A big stretch: native project management arrives, framework-driven reporting goes cross-domain, requirement nodes gain their own score scales, and OIDC picks up a strict state/nonce mode. Plus new NCSC CAF v4.0 and TRUE II frameworks, analytics on applied controls, the psycopg2→psycopg3 upgrade, and a long tail of fixes across four releases (v3.16.5 → v3.17.0).Sat, 30 May 2026 00:00:00 GMThttps://intuitem.com/postgresql-vs-sqlite-2026-benchmarkhttps://intuitem.com/postgresql-vs-sqlite-2026-benchmarkWe benchmarked PostgreSQL 16 against SQLite 3.46.1 under a real CISO Assistant workload on a single 1 vCPU / 8 GB host. The results weren't what we expected — SQLite-WAL won on most read patterns.Tue, 26 May 2026 00:00:00 GMThttps://intuitem.com/ciso-assistant-docs-restructurehttps://intuitem.com/ciso-assistant-docs-restructureWhy we're restructuring the CISO Assistant documentation — clearer mental models, concepts separated from guides, versioned with the code, and open to community contributions.Mon, 25 May 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w21https://intuitem.com/whats-new-ciso-assistant-2026-w21Two releases land back-to-back: v3.16.3 brings the AI Defense Matrix and KSA PDPL frameworks, a Responsibility Matrix (RACI/RASCI/RAPID), Ebios RM import in Egerie format, task labels, and full Estonian language support — followed by a v3.16.4 hotfix round covering Matrix Editor, breadcrumbs, and journey templates.Tue, 19 May 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w20https://intuitem.com/whats-new-ciso-assistant-2026-w20v3.16.2 brings two new framework libraries (EU CER directive, UK Defence Standard 05-138), an experimental UI mode for asset creation, a specialized wizard for customer questionnaire prefill, the start of CBDDO and DoW ZT-OT framework support, plus a healthy round of audit performance work, mapping engine fixes, and i18n improvements.Wed, 13 May 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w18https://intuitem.com/whats-new-ciso-assistant-2026-w18A focused v3.16.1 release: a new journeys editor, Azure Blob Storage as an alternative to S3, AI chat memory improvements, EPSS feeds, IEC 62443 outline, NIST CSF 1.1 enriched with reference controls, expanded respondent mode for third parties, and a steady stream of performance and bug fixes.Sun, 03 May 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w17https://intuitem.com/whats-new-ciso-assistant-2026-w17A heavy v3.16.0 release: merge applied controls, action plans for incidents, custom analytics dashboards, four new framework libraries (CNDP Morocco, OIV Air Transport, 3CF v3.1, recyf enrichment), NIST CSF 2.0 recommendations, and a long sweep of UX, performance and bug fixes.Sun, 26 Apr 2026 00:00:00 GMThttps://intuitem.com/auditing-mcp-servers-ox-advisoryhttps://intuitem.com/auditing-mcp-servers-ox-advisoryReading ox.security's MCP advisory against the real Model Context Protocol attack surface, and a ten-minute audit for MCP server authors.Fri, 24 Apr 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w16https://intuitem.com/whats-new-ciso-assistant-2026-w16Container hardening, Cyfun 2025 scoring and export, richer import/export across TPRM, findings and risk assessments, DORA subcontracting chains, and a wave of UX polish.Sun, 19 Apr 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w15https://intuitem.com/whats-new-ciso-assistant-2026-w15Security keys as a second factor, expanded vulnerability management, five new frameworks, a redesigned timeline, and EBIOS RM light mode.Sun, 12 Apr 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w14https://intuitem.com/whats-new-ciso-assistant-2026-w14DORA incident reporting, MCP vulnerability tools, framework builder fixes, degraded status for controls, and new language contributions for risk matrices.Sun, 05 Apr 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w12https://intuitem.com/whats-new-ciso-assistant-2026-w12Chat mode, framework builder with revamped questionnaire respondent, visual risk matrix editor, universal fuzzy search, SoA generation, vulnerability import, and Korean language support.Sun, 29 Mar 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w11https://intuitem.com/whats-new-ciso-assistant-2026-w11Markdown policy editor with lifecycle management, persistent table filters, modernised command palette, cost summaries on action plans, SSO security hardening, and ReCyF framework support.Sun, 22 Mar 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w10https://intuitem.com/whats-new-ciso-assistant-2026-w10Admin-controlled default language, expanded folder navigation, Journey feature flags, broader currency support, customisable email and report templates, and DORA 4.0 ROI alignment.Sun, 15 Mar 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w09https://intuitem.com/whats-new-ciso-assistant-2026-w09Enforced MFA, advanced audit analytics with radar charts, EBIOS RM interactive graph editor, onboarding presets and journeys, PostgreSQL SSL support, and three new framework libraries.Sun, 08 Mar 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w08https://intuitem.com/whats-new-ciso-assistant-2026-w08ITIL 4 library, expanded validations, Kubernetes ServiceAccount support, Skeleton UI v4 migration, and a raft of notification and export fixes.Sun, 01 Mar 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w07https://intuitem.com/whats-new-ciso-assistant-2026-w07Findings-to-threats linking, generalised 'pick existing' pattern, MCP context improvements, campaign feature flags, and a wave of translation and UX fixes.Sun, 22 Feb 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w06https://intuitem.com/whats-new-ciso-assistant-2026-w06Batch actions on tables, partial requirement assignments, sticky form buttons, the Moroccan cybersecurity framework, and a critical data-integrity fix in v3.11.5.Sun, 15 Feb 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w05https://intuitem.com/whats-new-ciso-assistant-2026-w05A packed week: Excel library import, optional perimeters, evidence metrics, the RBI framework, a data-wizard overhaul, and the move to Django 6.Sun, 08 Feb 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w04https://intuitem.com/whats-new-ciso-assistant-2026-w04v3.10.4 refines the GDPR module with breaking simplifications, adds audit score aggregation options, manager review of assignments, and the BIO2 framework.Sun, 01 Feb 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w03https://intuitem.com/whats-new-ciso-assistant-2026-w03A landmark week: the Actors concept arrives, AI-powered MCP skills for TPRM and EBIOS RM, domain focus mode, Kanban for controls, CIS-to-NIST/ISO mapping tools, and much more across four releases.Sun, 25 Jan 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w02https://intuitem.com/whats-new-ciso-assistant-2026-w02v3.9.2 brings the Estonian E-ITS framework, MITRE ATT&CK v18.1, Chinese (Simplified) translation, richer asset exports, and quality-of-life fixes for IdP and policy management.Sun, 11 Jan 2026 00:00:00 GMThttps://intuitem.com/whats-new-ciso-assistant-2026-w01https://intuitem.com/whats-new-ciso-assistant-2026-w01Kicking off 2026 with session security hardening after 2FA enrollment, audit performance improvements, and better implementation group handling.Sun, 04 Jan 2026 00:00:00 GMThttps://intuitem.com/ai-assisted-mappinghttps://intuitem.com/ai-assisted-mappingSummary of our ongoing research on accelerating the creation of consistent frameworks mappingsSat, 25 Oct 2025 00:00:00 GMThttps://intuitem.com/fiche_lecture_how_to_measure_anythinghttps://intuitem.com/fiche_lecture_how_to_measure_anythingMon ambition avec cette fiche est de retenir les points essentiels de cet ouvrage, devenu une référence pour la quantification du risque cyber. La première édition est parue en 2016, et la deuxième édition de 2023 approfondit et actualise les concepts.Sun, 17 Aug 2025 00:00:00 GMThttps://intuitem.com/heat-mapshttps://intuitem.com/heat-mapsHeat maps aren’t evil but limited. Quantitative risk assessment is always preferable when feasibleMon, 10 Feb 2025 00:00:00 GMThttps://intuitem.com/operational-grchttps://intuitem.com/operational-grcOperational GRC transforms traditional governance by focusing on actionable security measures. This approach integrates GRC directly into daily operations, enhancing data-driven decision-making and operational efficiency.Sat, 28 Dec 2024 12:39:00 GMThttps://intuitem.com/overview-ai-risk-management-frameworkhttps://intuitem.com/overview-ai-risk-management-frameworkNIST's AI Risk Management Framework: overviewSat, 16 Mar 2024 00:00:00 GMThttps://intuitem.com/security-orchestration-automation-response-soarhttps://intuitem.com/security-orchestration-automation-response-soarThis article is an introduction to Security Orchestration, Automation, and ResponseFri, 02 Feb 2024 00:00:00 GMT