Deakin University NIST Toolkit

 

Learn how final year students are using Workflow86 to build a NIST cybersecurity self-assessment toolkit without having to write any code. Join them as early access users by signing up πŸ‘‰ hereΒ 

Background πŸ”

Final year cybersecurity students at Deakin University are tasked with building a cybersecurity product as part of the Deakin Industry Student Capstone (DISC) program at the School of Information Technology. Students are tasked with tackling real problems faced by industry partners, and the products they build are used and tested in real business settings. Various teams tackle different areas and problems. One team was tasked with building a NIST Toolkit where users could perform an assessment based on the NIST framework, and then receive an automatically generated report with analysis on their answers, as well as recommendations.

The Problem πŸ˜•

The team had developed a lot of great content for the toolkit, including a comprehensive set of questions based on the NIST framework, a library of recommendations, a question scoring system that was customized based on industry, a process for how answers to questions would be matched with recommendations, and more.

All of this however was stored and implemented in excel spreadsheets. The team was stuck on how they could make the jump from spreadsheets to an actual digital product.

Most of the team were non-technical when it came to developing web applications, so coding something from scratch was going to be very hard if not entirely unfeasible. A basic front-end interface had been started, but not progressed very far. One of the biggest challenges faced by the group was how they would implement and maintain the complex back-end logic that was needed to perform all of the scoring, recommendation selection and document generation. On top of this, they also had to consider all of the infrastructure that is required for a web app such as hosting, deployment and maintenance, file storage, access controls and so on.

So what about using no-code tools like Zapier or Power Automate? The problem was that the NIST Toolkit was not a simple workflow – it was a complex workflow containing layers of business logic and reasoning, scoring calculations, recommendation matching, and document generation. Other no-code products which focused on more linear workflows or connecting different apps and services together weren’t able to meet what was required by the team.

A perfect fit for Workflow86 πŸ’ͺ

The problem faced by the team was a perfect fit for Workflow86: turn a complex workflow with technical expertise into a digital product + make it easy so anyone could use it + make it really fast (as in MVP in a few weeks fast).

Workflow86 provided a single, easy to use no-code platform with all the tools and flexibility the team needed to build out their product. The online form builder provided the team with an easy way to create their NIST self-assessment questionnaire. The data from the form would then be processed by conditional logic and calculation stages, and then select recommendations from a knowledge bank to generate a report. All of this configured using drag and drop, without any code needing to be written.

Built-in versioning control allowed the team to iterate quickly and push changes from development to production with a single click. Team members could also work on the same workflow simultaneously, with different team members working on particular components at the same time without conflict. Access control, file storage, logs and tracking were also convienently handled inside the platform as well.

What’s next? πŸ€”

The team at Deakin have been busy translating all aspects of their NIST toolkit into the Workflow86 platform. They are now on track to have a functional MVP by the end of January.

Why we love this case study πŸ™Œ

We love this case study because it’s a great demonstration of what is possible with Workflow86. A project that had stalled for months due to technical and resource limitations gained rapid momentum in just a few days. A talented group of up-and-coming cybersecurity professionals have also been able to unlock the full potential of their work by turning it into a real, functional product that can be used on a massive scale.

Sign up for early access πŸ‘‡

To join as early access users of Workflow86, go to get.workflow86.com

We are releasing invitations to early access users in batches over the coming weeks, so sign up now to get your spot.