Security Posture Management (SPM) is the art and science of monitoring and managing business security status by orchestrating process, people, and technological resources to achieve security objectives. This involves identifying business critical IT assets, evaluating their risks based on vulnerabilities and the impact of potential threats, and mapping results directly to controls to initiate appropriate countermeasures.
Aegify SPM is powered by Rapid7’s Nexpose vulnerability management technology, which scans physical and virtual networks, databases, operating systems and web applications, enabling customers to remediate vulnerabilities and misconfigurations and to enforce policies. Rapid7 ( http://www.rapid7.com ) is a leading provider of IT security risk management solutions used by more than 2,000 enterprises and government agencies in more than 65 countries.
Aegify is a complete integration of eGestalt’s HIPAA and PCI compliance tool SecureGRC ( http://www.egestalt.com ), with security posture management capability using an innovative, patent-pending expert systems technology to automatically map the security vulnerabilities to compliance mandates. The tool can import data from other standard vulnerability scanners in the industry as well.
Says eGestalt President Anupam Sahai, “We are very excited about the strategic partnership with Rapid7. Aegify is the first true, software- and cloud-based unified security and IT-GRC solution on the market with end-to-end automation including vendor management and support for multiple compliance business frameworks such as PCI, HIPAA/HITECH, SOX, FISMA, and GLBA. This is also the first product in the market which can automatically map security vulnerabilities to compliance mandates using an innovative expert systems approach thereby eliminating manual work required and saving significant costs. It advances the state of the art in the industry besides still continuing to be 10 to 20 times more cost-effective than any other competing solution.”
There are thousands of security exposures identified and documented as ‘vulnerabilities’
“Aegify SPM brings a new cloud-based approach to managing security posture that is innovative, easy to use, and extremely valuable for defenders,” said Sheldon Malm, Senior Director of Strategic Partners and Alliances at Rapid7. “By leveraging Rapid7 technology, Aegify SPM provides a comprehensive view of exposure risk that is directly connected to business assets and compliance management. This is a complementary offering that will benefit our joint customers.”
A cloud application, Aegify’s SPM “all hands on deck” threat management approach performs asset discovery, vulnerability analysis, risk profiling, threat impact analysis and compliance mapping. It can identify 92,000 vulnerability checks for more than 31,800 vulnerabilities across physical and virtual networks, operating systems, databases, and Web applications.
The cloud-based Aegify engine is driven in large part by eGestalt’s flagship product Aegify SecureGRC, a unified security and compliance management tool that includes all of the necessary security and IT-GRC functionality required to gain control and improve compliance levels across more than 400+ regulations.
While the framework allows for the easy plug-in of any regulation or standard, eGestalt currently offers to the channel ready-to-roll compliance services with built-in frameworks to support the most stringent and popular regulations including PCI, HIPAA/HITECH, SOX, FISMA, and GLBA, as well as more country-specific regulations. Extensible with built-in frameworks, the Aegify SecureGRC solution offers a simplified approach for PCI, HIPAA/HITECH and other country specific frameworks ready-to-use out of the box. It provides automated mapping of a network’s security posture to compliance controls.
All told, the integrated Security Posture Management solution Aegify offers a single approach to security and compliance management, and because it is delivered as SaaS, it is available at low cost due to its “pay –as-your-grow”
A Community Edition for diagnostics is available as a free download at http://www.egestalt.com/
About eGestalt Technologies Inc.:
eGestalt ( http://www.egestalt.com ) is a world-class, innovation driven, leading provider of cloud-computing based enterprise solutions for information security and IT-GRC management. eGestalt is headquartered in Santa Clara, CA, and has offices in the US, Asia-Pacific and Middle East. eGestalt SecureGRC was given a rating of 4.5 stars (out of a maximum 5) with 5 stars for Features, Support and Value for money by SC magazine in June 2012. In Feb. 2012 eGestalt President Anupam Sahai was named a Channel Chief by Everything Channel’s CRN. eGestalt has been ranked in the Top 10 Vendors for Compliance Management and Data Access & Security by Hypatia Research, Q4 2011. eGestalt was nominated Breakthrough Technology Vendor at XChange Americas, Aug. 2010, and selected by SiliconIndia among the “Top 10 Security Companies to Watch.” Its SecureGRC application was voted runner-up in the Managed Services Category at XChange Tech Innovators, Nov. 2010. In Sept. 2011 it was selected by Everything Channel as a 2011 CRN Emerging Technology Vendor as well as a 2011 Tech Innovator for Managed Services.
Press & Media Contact:
Victor Cruz, Principal
For eGestalt Technologies
Santa Clara, CA - USA