The Need for Security Assurance in Supply Chains

The acquisition of different levels of security assurance in an organisation’s Supply Chain is a highly demanding process. Supply Chains must act proactively by imposing security qualities in order to be appropriately prepared for and to endure the process. Primitive evidence gathering in supply chains is essential for certification. When ensuring the security features of a supply chain, basic data and events that take place on its foundation are essential.

SPHYNX’s Security Assurance Platform includes, amongst others, two components towards this direction, namely EVEREST and Event Captors. An Event Captor is a tool that, based on the collected data and triggering events, formulates EVEREST-based events and pushes them towards EVEREST for evaluation. Data and events are collected through various sources such as ElastiSearch where lightweight shippers forward and centralize log data. The evidence collection engine is initiated on demand by the auditing mechanism. This tool is essential for the evidence auditing mechanism functionality because it collects and feeds the essential information from the assets as events.

EVEREST is a tool that can be used by a wide range of companies and provides means for cybersecurity certification. Specifically, this tool monitors the systems’ security properties that are set and produce a cybersecurity posture notion to ensure that these properties are well applied and interconnected with each other. By outlining the applicability flaws and informing the business on its cybersecurity state, it carries out the aforementioned tasks. The organizations may be prepared to start the certification procedure after finishing the process of conducting several evaluations and meeting the requirements.

The aforementioned tools are already being validated through CYRENE’s piloting cyber systems.

So what do you think of EVEREST and Event Captors that are being used in the CYRENE framework?  

Reach out to us and share your views either by using our contact form or by following our social media accounts on Twitter and LinkedIn.

Don’t forget to subscribe to our Newsletter for regular updates!

This blog is signed by: Michalis Smyrlis of the Sphynx Technology Solutions AG team


Project Coordinator: Sofoklis Efremidis
Institution: Maggioli SPA
Email: info{at}
Start: 1-10-2020
Duration: 36 months
Participating organisations: 14
Number of countries: 10



EU flagThis project has received funding from the European Union’s Horizon 2020 Research and Innovation program under grant agreement No 952690. The website reflects only the view of the author(s) and the Commission is not responsible for any use that may be made of the information it contains.