Welcome!

Cloud Expo Authors: Liz McMillan, Pat Romanski, Elizabeth White, Carmen Gonzalez, JP Morgenthal

News Feed Item

MetricStream IT GRC Solutions Witness Rapid Adoption as Companies Seek to Integrate Bottom-Up IT Control Processes with Top-Down Risk Intelligence

Leading analyst firm cites MetricStream as a pioneer in the IT GRC products market, and highlights its "strong vertical specific solutions" and "strong IT GRC capabilities around cloud and virtualized environments"

PALO ALTO, Calif., Dec. 13, 2012 /PRNewswire/ -- In today's increasingly virtualized, mobile, and cloudy world, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are confronted with complex challenges around information security, big data management, and compliance with regulations such as SOX, PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. The traditional approach of managing these requirements in multiple silos and systems is not only inefficient and expensive, but also leads to redundancies and conflicts. Today, organizations seek to rationalize and harmonize their IT GRC processes, while also providing top-level visibility into enterprise IT risk and compliance data that can help determine areas of concern, and enable management to make quick, actionable decisions based on sound data points.

MetricStream provides a comprehensive suite of IT GRC solutions that aggregate and unify IT risk and information security and compliance data from across the hyper-extended enterprise. The solutions also help add business context to the data, as well as provide strong analytics capabilities to support mature, risk-oriented security programs.

The MetricStream solutions integrate with various applications – such as those for identity management, asset management, Security Information and Event Management (SIEM), threat and vulnerability assessment, intrusion detection and prevention, and security feeds – to consolidate data related to information security, and technology risks. Powerful dashboards present a real-time, top-level view of this information. The solution also facilitates a robust workflow-based approach to IT audit management and remediation management.

MetricStream IT GRC Solutions were recently reviewed by IDC, a leading provider of global IT research and advice, in its report - "MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance[1]." The report highlights MetricStream's "strong intellectual property (IP) portfolio around GRC," its "strong portfolio of IT GRC products that address end-to-end customer requirements," and its "strong partnership with various technology vendors in the security, smart grid, network management, operations, and asset management spaces." The report also highlights MetricStream's "strong IT GRC capabilities around cloud and virtualized environments."

Mayur Sahni, Research Manager, Services at IDC Asia/Pacific says, "Compliance requirements today are non-negotiable, and it's imperative for enterprises to implement a structured, organization-wide approach to IT GRC. MetricStream has a broad set of technologies not only to enforce and implement IT controls, but also to collect and harvest the information required to manage risk and demonstrate governance."

MetricStream IT GRC solutions provide integration capabilities for IT security, cloud, infrastructure, General Computer Controls (GCC), and business application controls. It simplifies compliance across IT regulations, standards, and frameworks by supporting automated monitoring and reporting of IT risk and control effectiveness and provides comprehensive content for meeting compliance challenges, including over 5,000+ IT control statements from over 800+ authority documents through a partnership with UCF, which helps organizations harmonize on the smallest possible set of IT controls to meet all their compliance requirements. The solutions also provide robust IT audit management capabilities, streamlines the IT audit and compliance process, and enable multiple stakeholders to gain visibility into the status of these processes and their results. IT control or compliance issues that arise are automatically routed through a systematic process of investigation and remediation.

With MetricStream's acquisition of vPanorama cloud GRC technology from TBD Networks, the company is able to provide solutions that allow its customers to seamlessly manage risks, regulatory compliance challenges, privacy requirements, security threats, and performance metrics across the cloud & virtualized infrastructure. The technology has augmented MetricStream's IT GRC solutions by providing granular visibility and control over security configuration assessments, continuous controls monitoring, risk management, and threat and vulnerability management. It helps minimize inefficiencies, while enhancing the reliability and performance of the cloud infrastructure.

MetricStream's robust functionality has attracted marquee customers across industry segments, which include some of the largest and most respected companies in social media and Internet information, banking and financial services, healthcare, manufacturing, energy, and retail.

"IT organizations have focused solely on a bottom-up approach so far – implementing granular IT controls based on vulnerability scans, patch, and configuration control data. This approach results in a lot of data but little actionable intelligence," said Vasant Balasubramanian, Vice President of Product Management at MetricStream. "MetricStream combines bottom-up data with a top-down approach and over-arching analytics that correlate information risk, security, compliance, and business issues to provide actionable risk intelligence. Furthermore, with MetricStream's recent acquisition of vPanorama technology, we provide the unique capability of bringing top-down risk intelligence and IT GRC controls to the cloud. We also help enhance business value by closely aligning IT investments with organizational strategy and corporate objectives."

[1] IDC, MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance, Doc #IN2672604U, July 2012

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California and can be reached at www.metricstream.com.

Media contact:
Mr. Vinay Bapna
[email protected]
650-620-2955

This press release was issued through eReleases® Press Release Distribution. For more information, visit http://www.ereleases.com.

 

SOURCE MetricStream

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
SYS-CON Events announced today that Utimaco will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customiz...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic • Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff hap...
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accel...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
SYS-CON Events announced today that ElasticBox is holding a Hackathon at DevOps Summit, November 6 from 12 pm -4 pm at the Santa Clara Convention Center in Santa Clara, CA. You can enter as an individual or team of up to 10 developers. A New Star Is Born Every Month! All completed ElasticBoxes will then be sent to a judging panel - 12 winners will be featured on the ElasticBox website in 2015. All entrants will receive five full enterprise licenses for one year + ElasticBox headphones + Elasti...
Once the decision has been made to move part or all of a workload to the cloud, a methodology for selecting that workload needs to be established. How do you move to the cloud? What does the discovery, assessment and planning look like? What workloads make sense? Which cloud model makes sense for each workload? What are the considerations for how to select the right cloud model? And how does that fit in with the overall IT tranformation? In his session at 15th Cloud Expo, John Hatem, head of V...
Cloud services are the newest tool in the arsenal of IT products in the market today. These cloud services integrate process and tools. In order to use these products effectively, organizations must have a good understanding of themselves and their business requirements. In his session at 15th Cloud Expo, Brian Lewis, Principal Architect at Verizon Cloud, will outline key areas of organizational focus, and how to formalize an actionable plan when migrating applications and internal services to...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, will discuss how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP ...
Ixia develops amazing products so its customers can connect the world. Ixia helps its customers provide an always-on user experience through fast, secure delivery of dynamic connected technologies and services. Through actionable insights that accelerate and secure application and service delivery, Ixia's customers benefit from faster time to market, optimized application performance and higher-quality deployments.
SYS-CON Events announced today that Calm.io has been named “Bronze Sponsor” of DevOps Summit Silicon Valley, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Calm.io is a cloud orchestration platform for AWS, vCenter, OpenStack, or bare metal, that runs your CL tools puppet, Chef, shell, git, Jenkins, nagios, and will soon support New Relic and Docker. It can run hosted, or on premise and provides VM automation / expiry, self-service portals,...
In her General Session at 15th Cloud Expo, Anne Plese, Senior Consultant, Cloud Product Marketing, at Verizon Enterprise, will focus on finding the right mix of renting vs. buying Oracle capacity to scale to meet business demands, and offer validated Oracle database TCO models for Oracle development and testing environments. Anne Plese is a marketing and technology enthusiast/realist with over 19+ years in high tech. At Verizon Enterprise, she focuses on driving growth for the Verizon Cloud pla...
SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue bu...
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce t...
As Platform as a Service (PaaS) matures as a category, developers should have the ability to use the programming language of their choice to build applications and have access to a wide array of services. Bluemix is IBM's open cloud development platform that enables users to easily build cloud-based, creative mobile and web applications without having to spend large amounts of time and resources on configuring infrastructure and multiple software licenses. In this track, you will learn about the...
Blue Box has closed a $10 million Series B financing. The round was led by a strategic investor and included participation from prior investors including Voyager Capital and Founders Collective, as well as the Blue Box executive team. This round follows a $4.3 million Series A closed in December of 2012 and led by Voyager Capital. In May of this year, the company announced general availability of its private cloud as a service offering, Blue Box Cloud. Since that release, the company has dem...
SYS-CON Events announced today that Verizon has been named "Gold Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Verizon Enterprise Solutions creates global connections that generate growth, drive business innovation and move society forward. With industry-specific solutions and a full range of global wholesale offerings provided over the company's secure mobility, cloud, strategic network...
SimpleECM is the only platform to offer a powerful combination of enterprise content management (ECM) services, capture solutions, and third-party business services providing simplified integrations and workflow development for solution providers. SimpleECM is opening the market to businesses of all sizes by reinventing the delivery of ECM services. Our APIs make the development of ECM services simple with the use of familiar technologies for a frictionless integration directly into web applicat...
The only place to be June 9-11 is Cloud Expo & @ThingsExpo 2015 East at the Javits Center in New York City. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT & Big Data companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterprise. Speakers from all over the world will be hand-picked for their ability to explore the economic...
Cloudwick, the leading big data DevOps service and solution provider to the Fortune 1000, announced Big Loop, its multi-vendor operations platform. Cloudwick Big Loop creates greater collaboration between Fortune 1000 IT staff, developers and their database management systems as well as big data vendors. This allows customers to comprehensively manage and oversee their entire infrastructure, which leads to more successful production cluster operations, and scale-out. Cloudwick Big Loop supports ...
To manage complex web services with lots of calls to the cloud, many businesses have invested in Application Performance Management (APM) and Network Performance Management (NPM) tools. Together APM and NPM tools are essential aids in improving a business’s infrastructure required to support an effective web experience… but they are missing a critical component – Internet visibility. Internet connectivity has always played a role in customer access to web presence, but in the past few years use...