Securi CAD by Foreseeti: A CAD Tool for Enterprise Cyber Security Management

This paper presents a CAD tool for enterprise cyber security management called securi CAD. It is a software developed during ten years of research at KTH Royal Institute of Technology, and it is now being commercialized by foreseeti (a KTH spin-off company). The idea of the tool is similar to CAD tools used when engineers design and test cars, buildings, etc. Specifically, the securi CAD user first models the IT environment, an existing one or one under development, and then securi CAD, using attack graphs, calculates and highlights potential weaknesses and avenues of attacks. The main benefits with securi CAD are, 1) built in security expertise, 2) visualization, 3) holistic security assessments, and 4) scenario comparison (decision-making) capabilities.