Published under Risk Management


Tool Identity Card

General information
Basic information to identify the product

Tool name : WCK
Vendor name : WCK
Country of origin : Israel

Level of reference of the tool
Details about the coverage or the « originators » of the solution

Coverage :

  • World-wide (state oriented): 17
  • World-wide (sector oriented): Critical Infrastructure 3, Financial Services 12, Healthcare 1
  • Regional: ValueSEC,CEPS

Supported by organization, club,... (e.g. as sponsor) : ValueSec, WIB

Brief description of the product
Give a brief description of the product containing general information, overview of functions:

  • WCK software is a holistic risk management solution for cyber security, IT and especially designed for critical infrastructure protection.  It automates the entire risk management lifecycle and includes workflows for ongoing reviews and audits, receiving automated data from external security tools, remediation workflows and customizable decision-support dashboards and reports.

Supported functionality
Specify the functionality this tool provides.

R.A. Method activities supported

  • Risk identification
  • Risk analysis
  • Risk evaluation

Other phases

  • Asset inventory & evaluation

R.M. Method phases supported

  • Risk assessment
  • Risk treatment
  • Risk acceptance
  • Risk Communication

Other phases:

  • Business Impact and Dependency Analysis
  • Compliance Analysis
  • Development Life Cycle
  • Business Continuity

Other functionality

  • N/A

Information Processed

  • Assets, reviews, controls, questionnaires, risks, mitigations, threats

Date of the first edition, date and number of actual version

Date of first release : 2008
Date and identification of the last version : V2.44 released 15 Aug 2013

Useful links
Link for further information

Official web site : www.wck-grc.com
User group web site : N/A
Relevant web site : N/A

List the available languages that the tool supports

Languages available : English, German, Italian,Hebrew

Pricing and licensing models
Specify the price for the product (as provided by the company on March 2012)

  • Price: 3 pricing models:Annual license model, perpetual license model and special model for use by consulting firms.
  • Maintenance: N/A

Sectors with free availability or discounted price : N/A

Trial before purchase
Details regarding the evaluation period of the tool

Trial period : Case by case

Tool architecture
Specify the technologies used in this tool

  • Database: SQL Server 2008R2
  • Web Server: IIS
  • Application Server: None
  • Client: IE v7 and above

Page top


Target public
Defines the most appropriate type of communities for this tool

  • Government, agencies
  • Large scale companies
  • SME (2nd tier target)

Specific sector : N/A

Information concerning the spread of this tool

General information : World-wide in many different organizations

  • Used inside EU countries: 6 countries
  • Used outside EU countries: 11 countries

Level of detail
Specify the target kind of people for this tool based on its functionality


Compliance to IT Standards
List the national or international standard this tool is compliant with

  • ISO27001
  • NIST 800-53
  • CobiT
  • ISA99

Tool helps towards a certification
Specify whether the tool helps the company toward a certification according to a standard

  • N/A

Information about possible training courses for this tool

  • Course : Improving risk and compliance management processes
  • Duration : 3 days

Page top

Users viewpoint

Skills needed
Specify the skills needed to use and maintain the solution

  • To install : None
  • To use : None
  • To maintain : None

Tool Support
Specify the kind of support the company provides for this product

Support : N/A

Organization processes integration
Describe user roles this tool supports

Supported Roles

  • Active Directory – for authentication of the users allowed working with the tool
  • SMTP mail server – for sending different alerts from the system

Integration in Organization activities

  • N/A

Interoperability with other tools
Specify available interfaces or other ways of integration with other tools


  • Connection through Web Services, direct DB access or file based integration with vulnerability scanners, SIEM, task management, CMDB (or any other asset repository)

Sector adapted knowledge databases supported
Name and describe the sector adapted databases that this tool provides

  • N/A

Flexibility of tool's database
Can the database be customized and adapted to client requirements?

  • Microsoft SQL Server: Can be standard edition, enterprise or even SQL Express
Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies