Denomas Security Automation Software (73271)

Jan 1, 2020 · 2 min read

Project Goal

Denomas Security Automation Software is a modular platform designed to strengthen organizations’ cybersecurity posture. Its primary goal is to automate full compliance with international security standards such as ISO 27001, PCI-DSS, HIPAA, and NIST, as well as the Presidential Guide for Information and Communication Security. The software continuously checks device configuration settings, detects and reports missing or erroneous configurations, and automatically corrects these settings to maximize the security level.

Technologies Used

The platform is built upon industry-standard protocols and languages to automate security audits:

  • Security Standards: SCAP (Security Content Automation Protocol), OVAL (Open Vulnerability and Assessment Language)
  • Compliance Frameworks: ISO 27001, PCI-DSS, HIPAA, SoX, NIST, Presidential Security Guide
  • Supported Systems: Continuously updated security control lists for Debian, Pardus, Ubuntu, Rocky Linux, Microsoft Windows Server, Oracle, and more.

My Role and Contributions

As the founder and lead developer of this project, I conceptualized and architected the product. My aim was to create a fast and efficient automation engine capable of completing manual security audits, which typically take days, within minutes. By adopting international standards like SCAP and OVAL, I ensured the platform’s seamless communication with various systems and manufacturers. I designed automated correction and improvement steps, developing not just a detection tool, but a living security solution that continuously enhances the system.

Key Features

  • Automated Compliance Controls: Performs security audits consisting of hundreds of control items on hundreds of systems within hours or minutes.
  • Configuration Auditing and Automatic Correction: Instantly detects configuration errors in devices and automatically corrects them according to predefined policies, ensuring continuous compliance.
  • Single-Point Management: All software and system audits can be performed from a single center without the need for additional agents.
  • Detailed Reporting and Monitoring: Provides manager and auditor-friendly reports summarizing compliance status or non-compliance. All changes are logged and monitored from a centralized dashboard.
Denomas Security Automation Compliance Management SCAP OVAL Information Security
Tolga Karataş
Authors
Tolga Karataş
Chief Scientist