Make the invisible visible
Only what you can see, you can protect yourself from
Cybercrime is known to be a high risk for small and large companies. Large companies and multinationals have their own expensive solutions, which SMEs cannot afford.
Since hackers are also attacking SMEs and all forecasts predict a sharp increase, we have developed JOUO, a tool for SMEs. It analyzes the entire cyber infrastructure of a company that is accessible externally: websites, web servers and mail servers, etc.
On average, SMEs need between 2 and 5 weeks to secure or rectify vulnerabilities. With JOUO's data, your IT support can focus on the most risky vulnerabilities and prioritize the work easily and quickly. Normally implementable within 2-5 working days.
What hackers can see ...
SME management and their IT support are shown what hackers can see and more: JOUO is an AI tool that scans, analyzes and lists more than 150 metrics and vulnerabilities. JOUO takes a data-driven approach (based on proprietary algorithms and AI models) that does not stop at the risk assessment of a single attack vector found, but paints a complete picture of the security situation of all parties involved, including within a supply chain. This enables time series analyses that make threat patterns visible in a previously unknown amount of data.
JOUO is the most powerful tool in its price class for identifying vulnerabilities in your cyber infrastructure.
Cyber Security Risk:
Identify your "Blind Spots"
Nowadays, the technical vulnerability of IT systems can be easily monitored using various scanners and selected hardware. Management and IT departments are increasingly aware of the risk of attacks from other networks into their own internal infrastructure.
However, the "blind spots" of companies' externally accessible cyber infrastructure, which are either unknown or underestimated, remain an open flank of IT security. Such as cyber infrastructure that is not directly managed by the company's own IT department or whose risk potential for the company's own critical infrastructure is underestimated. The risk that can emanate from poorly maintained websites is also underestimated.
"Supply chain": In addition to a company's own cyber infrastructures, the linked cyber infrastructures of customers, suppliers and cooperation partners are also a risk if they have vulnerabilities.
Extract JOUO Dashboard
With JOUO, we close these "blind spots": we provide you with a cyber security risk analysis of your own digital cyber infrastructure and that of your trading and supply partners from an external perspective: as a status check and as a monitoring tool for future changes.
JOUO automatically monitors the vulnerabilities and entry points that an attacker could exploit to access sensitive data.
Using publicly available data, JOUO identifies and maps high-risk data flows and network communications that could expose an IT environment to threats and provides information on security vulnerabilities by means of risk scores. We also use the EPSS (Exploit Prediction Scoring System) to calculate our risk scores. The EPSS rating identifies for which vulnerabilities in your cyber infrastructure other companies have reported successful hacker attacks.
This provides you with valuable information about the security of your digital infrastructure. For servers that are in your possession, detailed information about the entire infrastructure and, if found, the type of vulnerability and recommendations for action are provided.
How do we do this?
JOUO uses heuristic models to calculate the probabilities of exploiting a vulnerability in your external cyber infrastructure and that of your business partners. In doing so, we rely on continuously collected data that has become known about the successful exploitation of a vulnerability.
JOUO takes a data-driven approach (based on proprietary algorithms and AI models) that does not stop at the risk assessment of a single attack vector found, but paints a complete picture of the security situation of all parties involved, including within a supply chain. This enables time series analyses that reveal threat patterns in a previously unknown amount of data: Our security analyses are based on over 400 million data records and growing!
Compliance - Data Protection - GDPR
Many companies are also still not sufficiently aware that publicly visible security vulnerabilities in the digital infrastructure are also subject to data protection laws. This means that they must be documented and it must be possible to prove that such security vulnerabilities are known and that measures have been taken to rectify them.
JOUO makes it easy and reliable to prove that the management knows exactly whether its cyber infrastructure (such as website(s), web servers and mail servers) is secure or has vulnerabilities. This can be proven at the "push of a button" in the event of a request for information.
Technical and Organizational Measures - TOMs
The creation of TOMs with all(!) technical data of an IP address is automated by JOUO. It is available since January 2024. Work that often takes several days (of IT support and legal support) to complete can be done at the touch of a button.
A PDF is created automatically, which can be submitted at any time with current data in the case of a request for information. It contains the technical measures (vulnerabilities, DNS data, certificate data, server information) and the organizational measures (access control, access control, access control, separation control, pseudonymization, transfer control, input control, availability control, data protection management, incident response management, data protection-friendly default settings, order control).
The Google Lighthouse Reports are also displayed as an add-on, because:
Security vulnerabilities influence the Google ranking of a website!
How to use JOUO
You can use JOUO independently of your existing IT infrastructure. JOUO has no influence on your existing applications and processes. You only need one access account. It is therefore ready to use immediately.
Our pricing model
OUO was developed by an SME for SMEs, as they cannot afford the expensive solutions for large companies. Our prices are based on the number of IP addresses examined and processed per domain. The starting point is a domain with a maximum of 30 IP addresses. To ensure that the cost calculation is fair and transparent, we work with "credit points". Users receive a "Credit Points" balance, for which they receive details of the scope of services they can use, including the duration.
JOUO can also be purchased by companies in a reseller setup for their end customers. Please contact us accordingly.
What is additional added value for you to use JOUO?
We explain this in our Insights articles: Learn more
Elimination of vulnerabilities and "Zero Trust" implementation
We also advise and support you in the remediation of the vulnerabilities indicated in JOUO: be it technical rectification, be it training measures. Also for the implementation of a Zero Trust concept.
Made and hosted in Germany
We have developed JOUO completely ourselves.
Our decades of experience for building complex and high quality software products has been incorporated.
JOUO is based on state-of-the-art technology and proprietary algorithms.
And "last but not least": Our certification process for JOUO is underway.