Click here to close now.




















Welcome!

@CloudExpo Authors: Nicholas Lee, Elizabeth White, Peter Silva, Esmeralda Swartz, Liz McMillan

News Feed Item

MetricStream IT GRC Solutions Witness Rapid Adoption as Companies Seek to Integrate Bottom-Up IT Control Processes with Top-Down Risk Intelligence

Leading analyst firm cites MetricStream as a pioneer in the IT GRC products market, and highlights its "strong vertical specific solutions" and "strong IT GRC capabilities around cloud and virtualized environments"

PALO ALTO, Calif., Dec. 13, 2012 /PRNewswire/ -- In today's increasingly virtualized, mobile, and cloudy world, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are confronted with complex challenges around information security, big data management, and compliance with regulations such as SOX, PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. The traditional approach of managing these requirements in multiple silos and systems is not only inefficient and expensive, but also leads to redundancies and conflicts. Today, organizations seek to rationalize and harmonize their IT GRC processes, while also providing top-level visibility into enterprise IT risk and compliance data that can help determine areas of concern, and enable management to make quick, actionable decisions based on sound data points.

MetricStream provides a comprehensive suite of IT GRC solutions that aggregate and unify IT risk and information security and compliance data from across the hyper-extended enterprise. The solutions also help add business context to the data, as well as provide strong analytics capabilities to support mature, risk-oriented security programs.

The MetricStream solutions integrate with various applications – such as those for identity management, asset management, Security Information and Event Management (SIEM), threat and vulnerability assessment, intrusion detection and prevention, and security feeds – to consolidate data related to information security, and technology risks. Powerful dashboards present a real-time, top-level view of this information. The solution also facilitates a robust workflow-based approach to IT audit management and remediation management.

MetricStream IT GRC Solutions were recently reviewed by IDC, a leading provider of global IT research and advice, in its report - "MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance[1]." The report highlights MetricStream's "strong intellectual property (IP) portfolio around GRC," its "strong portfolio of IT GRC products that address end-to-end customer requirements," and its "strong partnership with various technology vendors in the security, smart grid, network management, operations, and asset management spaces." The report also highlights MetricStream's "strong IT GRC capabilities around cloud and virtualized environments."

Mayur Sahni, Research Manager, Services at IDC Asia/Pacific says, "Compliance requirements today are non-negotiable, and it's imperative for enterprises to implement a structured, organization-wide approach to IT GRC. MetricStream has a broad set of technologies not only to enforce and implement IT controls, but also to collect and harvest the information required to manage risk and demonstrate governance."

MetricStream IT GRC solutions provide integration capabilities for IT security, cloud, infrastructure, General Computer Controls (GCC), and business application controls. It simplifies compliance across IT regulations, standards, and frameworks by supporting automated monitoring and reporting of IT risk and control effectiveness and provides comprehensive content for meeting compliance challenges, including over 5,000+ IT control statements from over 800+ authority documents through a partnership with UCF, which helps organizations harmonize on the smallest possible set of IT controls to meet all their compliance requirements. The solutions also provide robust IT audit management capabilities, streamlines the IT audit and compliance process, and enable multiple stakeholders to gain visibility into the status of these processes and their results. IT control or compliance issues that arise are automatically routed through a systematic process of investigation and remediation.

With MetricStream's acquisition of vPanorama cloud GRC technology from TBD Networks, the company is able to provide solutions that allow its customers to seamlessly manage risks, regulatory compliance challenges, privacy requirements, security threats, and performance metrics across the cloud & virtualized infrastructure. The technology has augmented MetricStream's IT GRC solutions by providing granular visibility and control over security configuration assessments, continuous controls monitoring, risk management, and threat and vulnerability management. It helps minimize inefficiencies, while enhancing the reliability and performance of the cloud infrastructure.

MetricStream's robust functionality has attracted marquee customers across industry segments, which include some of the largest and most respected companies in social media and Internet information, banking and financial services, healthcare, manufacturing, energy, and retail.

"IT organizations have focused solely on a bottom-up approach so far – implementing granular IT controls based on vulnerability scans, patch, and configuration control data. This approach results in a lot of data but little actionable intelligence," said Vasant Balasubramanian, Vice President of Product Management at MetricStream. "MetricStream combines bottom-up data with a top-down approach and over-arching analytics that correlate information risk, security, compliance, and business issues to provide actionable risk intelligence. Furthermore, with MetricStream's recent acquisition of vPanorama technology, we provide the unique capability of bringing top-down risk intelligence and IT GRC controls to the cloud. We also help enhance business value by closely aligning IT investments with organizational strategy and corporate objectives."

[1] IDC, MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance, Doc #IN2672604U, July 2012

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California and can be reached at www.metricstream.com.

Media contact:
Mr. Vinay Bapna
[email protected]
650-620-2955

This press release was issued through eReleases® Press Release Distribution. For more information, visit http://www.ereleases.com.

 

SOURCE MetricStream

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of ...
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
In their Live Hack” presentation at 17th Cloud Expo, Stephen Coty and Paul Fletcher, Chief Security Evangelists at Alert Logic, will provide the audience with a chance to see a live demonstration of the common tools cyber attackers use to attack cloud and traditional IT systems. This “Live Hack” uses open source attack tools that are free and available for download by anybody. Attendees will learn where to find and how to operate these tools for the purpose of testing their own IT infrastructu...
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of I...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of tech...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes ab...
IBM’s Blue Box Cloud, powered by OpenStack, is now available in any of IBM’s globally integrated cloud data centers running SoftLayer infrastructure. Less than 90 days after its acquisition of Blue Box, IBM has integrated its Blue Box Cloud Dedicated private-cloud-as-a-service into its broader portfolio of OpenStack® based solutions. The announcement, made today at the OpenStack Silicon Valley event, further highlights IBM’s continued support to deliver OpenStack solutions across all cloud depl...
Red Hat is investing in Tesora, the number one contributor to OpenStack Trove Database as a Service (DBaaS) also ranked among the top 20 companies contributing to OpenStack overall. Tesora, the company bringing OpenStack Trove Database as a Service (DBaaS) to the enterprise, has announced that Red Hat and others have invested in the company as a part of Tesora's latest funding round. The funding agreement expands on the ongoing collaboration between Tesora and Red Hat, which dates back to Febr...
Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a variety of industries. To defend against exploits like these, a company must adopt a comprehensive security defense strategy that is designed for their business. In 2015, organizations such as United Airlines, Sony...
U.S. companies are desperately trying to recruit and hire skilled software engineers and developers, but there is simply not enough quality talent to go around. Tiempo Development is a nearshore software development company. Our headquarters are in AZ, but we are a pioneer and leader in outsourcing to Mexico, based on our three software development centers there. We have a proven process and we are experts at providing our customers with powerful solutions. We transform ideas into reality.
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and a...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
Akana has announced the availability of the new Akana Healthcare Solution. The API-driven solution helps healthcare organizations accelerate their transition to being secure, digitally interoperable businesses. It leverages the Health Level Seven International Fast Healthcare Interoperability Resources (HL7 FHIR) standard to enable broader business use of medical data. Akana developed the Healthcare Solution in response to healthcare businesses that want to increase electronic, multi-device acce...
SmartBear Software has updated its API tools, ServiceV for API service virtualization and LoadUI NG for API load testing, to accelerate development and testing processes in Agile teams. Updates to ServiceV enable software teams to rapidly build advanced mocks from real-time API traffic and quickly switch between virtualized “mock” services and actual APIs during diagnostic, load or integration testing in the continuous delivery lifecycle.