Launched this week

CRML

Launched this week

CRML is a declaritive language for writing cyberrisk as code

5.0•1 review•

262 followers

CRML is a declaritive language for writing cyberrisk as code

5.0•1 review•

262 followers

Visit website

Security software

We have infrastructure as a code, network as a code but dont have anything as Risk As a Code. CRML is an open, declarative, engine-agnostic and Control / Attack framework–agnostic Cyber Risk Modeling Language. It provides a YAML/JSON format for describing cyber risk models, telemetry mappings, simulation pipelines, dependencies, and output requirements — without forcing you into a specific quantification method, simulation engine, or security-control / threat catalog.

CRML Reviews

Name: CRML
Rating: 5.0 (1 reviews)

The community submitted 1 review to tell us what they like about CRML, what CRML can do better, and more.

5.0

Based on 1 review

Review CRML?

Reviews

Most Informative

Founder Reviews

Other Reviews (1)

•1 review

What's great

risk as a code (1)

CRML is a powerful step toward making cyber risk measurable and repeatable. By treating cyber risk as code, CRML enables security teams to move from subjective assessments to structured, version-controlled risk modeling that can evolve alongside systems.

What needs improvement

Support of More Engines would help to increase its adoption.

vs Alternatives

This is a very unique approach which haven't observe in any other solutions.

Did JSON Schema validation catch common modeling mistakes?

Yes, while formulating the language the Schema Validation did captured the modeling mistakes

Did you successfully run 10k+ Monte Carlo simulations?

Yes, I ran a monte carlo simulations on various aspects of risks.

Was the Python API well-documented and stable?

Yes, the python API were well documented and stable, making it just a simple pip install.

Ratings

Ease of use

Reliability

Value for money

Customization

Report

8 views2d ago

View all