logo

FAQ

Frequently asked questions about our various solutions

Arimes StandAlone

Arimes StandAlone

Arimes Web

Arimes Web

Agrios

Agrios

Basileak

Basileak

Ebios Risk Manager

Ebios Risk Manager

dots1
dots1
dots1

Arimes StandAlone

Do you have a sample study?

To get started, you can create an empty study. Alternatively, we suggest starting with the example file, which already contains grids and frameworks.

Download our sample study (v2.0)
How do I import a framework?

Studies rely on frameworks; you can enter them manually in activity 1.4 or import them along with their requirements in .json format. To import a framework,
1. At the top left of the application, click the import button 📥
2. Select JSON as the import type
3. Import the file. You can use the example below of the ANSSI 42-rule hygiene guide evaluation template.
4. Select "Frameworks (1.4)", "Security framework requirements (1.4)" and "Requirement status (1.4)", then click Import.
5. If any objects are detected as duplicates, a wizard will guide you through merging the information.
6. The import may take about ten seconds.
7. Once the import is complete, you'll find the framework in activity 1.4.

Download the ANSSI Hygiene Guide evaluation template in .json format
How do I import requirements into a framework?

You can enter requirements manually in a framework in activity 1.4 or import them in .csv format. To import a framework's requirements,
1. Go to activity 1.4
2. (Optional) Add a framework (+)
3. (Optional) Enter the information relating to this framework. For ANSSI's IT hygiene guide:
 • Type: Basic rules & hygiene
 • Description: This guide contains 42 measures to strengthen the security of your information system.
 • Compliance indicator: Partially applied.
 • Version: Version 2.0 - September 2017.
4. Select the row of the created framework.
5. At the top left of the frameworks table, click Import csv 📥
6. Import the .csv file. The expected format is Level,Title,Description,Applied,Comment,[Category].
7. The import may take a few minutes.
8. Once the import is complete, your requirements will be available in the second table.

Download the ANSSI 42-rule hygiene requirements in .csv format
How do I fill in the CIA-T rating of my business assets?

The CIA-T scale is not part of the Ebios RM method. If you still wish to fill it in, this can be done in workshop 1.3 at the impacts level.
The json file below lets you import the complete scale (C, I, A, T at levels 0 to 4) into your study. After importing the data, the CIA-T levels should be added as impacts on your business assets.

Download the CIA-T scale for Arimes Standalone
Are my backups protected?

To avoid any data loss and ensure compatibility across different machines (Windows, Linux) and different application versions, we chose not to encrypt the file. If you want to protect and exchange it, we recommend placing it in a ZED! (Primx) archive.

Can study files be exchanged?

All the study's information is contained in the .arimes file. This is your save file, usually under 2 MB. You can easily share and transfer this file.


Arimes Web

How do I connect Arimes Web to my company's LDAP?

From the form available in the administration interface.

How do I import requirements into a framework?

You can enter requirements manually in a framework in activity 1.4 or import them in .json format. To import a framework's requirements,
1. Go to Activity 1.4 > Frameworks
2.a If you already have a framework
 i) Edit the framework ✏️
2.b If you don't have a framework
 i) Create Framework
 ii) Enter the information relating to this framework. For the ANSSI IT hygiene guide evaluation template:
  • Title: IT hygiene guide evaluation template
  • Type: ANSSI Guide
  • Description: ANSSI's hygiene guide contains 42 measures to strengthen the security of your information system.
3. In the Import requirements field, import the .json file.
The expected format is [{'title': 'string', 'description': 'string', 'category': 'string', 'justification': 'string', 'statusLevelId': int}, {...}].

Download the ANSSI Hygiene Guide evaluation template in .json format

Agrios

How do I connect Agrios to my company's LDAP?

From the form available in the administration interface.

How do I enable MFA?

First, enable the feature in Administration > Authentication Sources, with 2 available modes:
-Per-user activation.
-MFA enforced for all users.
In the case of per-user activation only, you edit a user account to specifically enable MFA (Portfolio Manager role required to modify a user): go to My Profile > Edit > check Enable two-factor authentication.

How do I import data via a spreadsheet?

The admin role ('Portfolio Manager') is required to import data.
Go to the Agrios home page > Excel import of elements. Make sure the columns match the configuration set up in Administration > Import/export configuration.

Is it possible to duplicate a risk, a measure, a treatment or a monitoring entry?

Yes, data can be duplicated. When an item is duplicated, you are asked whether the child items should also be duplicated. The 'monitoring' level is not duplicated.

Is it possible to reorder my portfolio?

It is not currently possible to reorder the items in your portfolio. They are sorted by creation date.

How do I import an Arimes Web study into Agrios?

To import a study:

- access to the import interface on Agrios is currently restricted to a 'Portfolio Manager' profile. To test an import, you must log in with a user who has this role;
- for Agrios to be able to contact the Arimes Web API, enter the API contact URL in the 'Administration > Application Configuration' menu, in the 'Arimes Web Connection' section;
- if you encounter connection errors during import, please let us know so we can make the appropriate network adjustments between the 2 applications.
- next, an API token is required per user. It can be generated in Arimes Web, in the 'Administration > User API Tokens' menu. An API token has the format 'arip-'. This token is then entered in Agrios, in the "Imports > Arimes Web Import" menu.

This API token both authorizes API requests and determines which studies are accessible depending on the user associated with the token and their permissions in Arimes Web. A user on the Arimes Web side must have access to the entire study to be able to import it into Agrios (otherwise an import error will be displayed).


Basileak


Ebios Risk Manager

What are the advantages of using the EBIOS method compared to other risk assessment methods?

The EBIOS method, developed and actively maintained by ANSSI, is an effective approach for assessing information security risks. It incorporates a compliance-based approach before looking at scenarios, and takes the overall ecosystem into account. Dedicated to cyber risks, EBIOS uses a likelihood assessment method specific to cyberattacks.