Flex Protection Logo

Streamlined Cybersecurity education, planning, assessment, monitoring, and testing

Risk Assistant: Your Private Cyber Risk Management Framework

The Simple, Powerful Weapon To Protect Your Data and Critical Assets

Show your management or clients that you are taking action to reduce cybersecurity risks, and to implement best practices.

Use your private cloud-based Risk Assistant tool to import common risks and add additional threats you may face. Deploy effective defensive measures to reduce and track overall risk. Use your personal dashboard to manage your exposure and your flexible preventative measures.

It's free for companies and organizations registering in the next 90 days, using the short form below.

View a short demo of the user-friendly Risk Assistant tool.

Software and data to track risks and threats

Registration: Complete this short form to activate your free Risk Assistant platform.


Enroll in the Defender program instead

Poor security can be stressful.

Tracking Cyber Threats Can Be Exhausting

Users can work with confidence.

Risk Assistant Provides Peace of Mind

Example Risks From Risk Assistant Database

  • Social Engineering attacks
  • Shared passwords
  • Poor password management
  • Ransomware attacks
  • End-of-life system software
  • Invalid input in web application
  • Default Login and Password on devices
  • Unsecured IOT devices
  • User awareness training stale, forgotten
  • Improperly configured user accounts
  • Weak encryption
  • Buffer overflow
  • Non-updated machine as attack pivot point
  • Third party unmonitored network access
  • Unauthorized VPN access
  • Unauthorized RDP access
  • Improper certificate & key management
  • Post-incident weak or ineffective response

Example Defensive Measures From Risk Assistant Database

  • Documented, comprehensive Information Security Policy
  • Overall Risk Assessment by qualified third party
  • Current inventory of data stores: where, how accessed, how protected
  • Current inventory of hardware devices: data stored, how protected
  • Web Application vulnerability scan with ZAP or similar
  • Network vulnerability scan with NESSUS or similar
  • Airgap - physically separate critical data stores
  • Keep operating systems version current
  • Automated full or differential backups for server data
  • Validate all user input before using
  • Audit and correct default ID/Password on all devices
  • Inventory and Secure IOT devices
  • User awareness re-training
  • Audit and verify need for all accounts
  • Cipher Suite (protocol, length, hash)
  • Update all virtual/physical devices regularly
  • Formal certificate process, plan, issuer, intermediate, responsibility
  • Incident Response Plan

Flex Protection Logo

Copyright 2021 National Training Systems 16586 N Dale Mabry Hwy. Tampa FL 33618  --  Training provided by FlexTraining