ciso-assistant-community

CISO Assistant Community is a cybersecurity management platform focused on governance, risk, and compliance. The server provides a centralized hub to connect cybersecurity concepts, supports open formats for customization, and includes built-in risk assessment and remediation workflows. Once the container or service is running, you can access the web UI and API to configure frameworks, import/export data, and automate repetitive tasks across your security program. The tool is designed to be API-first, enabling automation and integration with other systems (UI, CLI, Kafka, and reports). Use the UI to browse and manage objects, import data from various formats, and link controls with evidence and remediation steps. The API allows you to programmatically create assessments, import results, and trigger remediations, making it suitable for automation pipelines and custom dashboards.

Prerequisites:

• Docker and Docker Compose installed on your machine
• Git installed

Step 1: Clone the repository

git clone --single-branch -b main https://github.com/intuitem/ciso-assistant-community.git
cd ciso-assistant-community

Step 2: Use the provided Docker setup

• If there is a docker-compose setup in the repo (recommended), you can start the services with:

./docker-compose.sh

• If you prefer manual Docker usage, pull and run the image directly:

docker pull intuitem/ciso-assistant-community

docker run -d --name ciso-assistant-community -p 80:80 intuitem/ciso-assistant-community

Step 3: Access the service

• Web UI: http://localhost
• API: http://localhost/api (consult the docs in the repository for exact endpoints)

Step 4: Optional configuration

• If you need to customize settings, use the config builder in the repo as referenced in the docs and re-create the container with the appropriate environment variables and volume mounts as described there.

Tips and notes:

• The project supports multiple frameworks and import/export capabilities across UI, CLI, Kafka, and reports. Review the online docs for the latest supported frameworks and data formats.
• When running Docker locally on Windows, ensure Docker Desktop is configured correctly (WSL for Windows Subsystem for Linux).
• If you encounter platform warnings in images, try using the provided build scripts or switch to a tag-based stable image as suggested by the project maintainers.
• Environment variables may include toggles for security, logging, and integration endpoints; check the config builder docs for a full list and placeholder values.
• Keep an eye on the repository’s Roadmap and Documentation for new features and breaking changes.