Click here to close now.

Welcome!

Cloud Expo Authors: Liz McMillan, Roger Strukhoff, Esmeralda Swartz, JP Morgenthal, Pat Romanski

News Feed Item

MetricStream IT GRC Solutions Witness Rapid Adoption as Companies Seek to Integrate Bottom-Up IT Control Processes with Top-Down Risk Intelligence

Leading analyst firm cites MetricStream as a pioneer in the IT GRC products market, and highlights its "strong vertical specific solutions" and "strong IT GRC capabilities around cloud and virtualized environments"

PALO ALTO, Calif., Dec. 13, 2012 /PRNewswire/ -- In today's increasingly virtualized, mobile, and cloudy world, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are confronted with complex challenges around information security, big data management, and compliance with regulations such as SOX, PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. The traditional approach of managing these requirements in multiple silos and systems is not only inefficient and expensive, but also leads to redundancies and conflicts. Today, organizations seek to rationalize and harmonize their IT GRC processes, while also providing top-level visibility into enterprise IT risk and compliance data that can help determine areas of concern, and enable management to make quick, actionable decisions based on sound data points.

MetricStream provides a comprehensive suite of IT GRC solutions that aggregate and unify IT risk and information security and compliance data from across the hyper-extended enterprise. The solutions also help add business context to the data, as well as provide strong analytics capabilities to support mature, risk-oriented security programs.

The MetricStream solutions integrate with various applications – such as those for identity management, asset management, Security Information and Event Management (SIEM), threat and vulnerability assessment, intrusion detection and prevention, and security feeds – to consolidate data related to information security, and technology risks. Powerful dashboards present a real-time, top-level view of this information. The solution also facilitates a robust workflow-based approach to IT audit management and remediation management.

MetricStream IT GRC Solutions were recently reviewed by IDC, a leading provider of global IT research and advice, in its report - "MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance[1]." The report highlights MetricStream's "strong intellectual property (IP) portfolio around GRC," its "strong portfolio of IT GRC products that address end-to-end customer requirements," and its "strong partnership with various technology vendors in the security, smart grid, network management, operations, and asset management spaces." The report also highlights MetricStream's "strong IT GRC capabilities around cloud and virtualized environments."

Mayur Sahni, Research Manager, Services at IDC Asia/Pacific says, "Compliance requirements today are non-negotiable, and it's imperative for enterprises to implement a structured, organization-wide approach to IT GRC. MetricStream has a broad set of technologies not only to enforce and implement IT controls, but also to collect and harvest the information required to manage risk and demonstrate governance."

MetricStream IT GRC solutions provide integration capabilities for IT security, cloud, infrastructure, General Computer Controls (GCC), and business application controls. It simplifies compliance across IT regulations, standards, and frameworks by supporting automated monitoring and reporting of IT risk and control effectiveness and provides comprehensive content for meeting compliance challenges, including over 5,000+ IT control statements from over 800+ authority documents through a partnership with UCF, which helps organizations harmonize on the smallest possible set of IT controls to meet all their compliance requirements. The solutions also provide robust IT audit management capabilities, streamlines the IT audit and compliance process, and enable multiple stakeholders to gain visibility into the status of these processes and their results. IT control or compliance issues that arise are automatically routed through a systematic process of investigation and remediation.

With MetricStream's acquisition of vPanorama cloud GRC technology from TBD Networks, the company is able to provide solutions that allow its customers to seamlessly manage risks, regulatory compliance challenges, privacy requirements, security threats, and performance metrics across the cloud & virtualized infrastructure. The technology has augmented MetricStream's IT GRC solutions by providing granular visibility and control over security configuration assessments, continuous controls monitoring, risk management, and threat and vulnerability management. It helps minimize inefficiencies, while enhancing the reliability and performance of the cloud infrastructure.

MetricStream's robust functionality has attracted marquee customers across industry segments, which include some of the largest and most respected companies in social media and Internet information, banking and financial services, healthcare, manufacturing, energy, and retail.

"IT organizations have focused solely on a bottom-up approach so far – implementing granular IT controls based on vulnerability scans, patch, and configuration control data. This approach results in a lot of data but little actionable intelligence," said Vasant Balasubramanian, Vice President of Product Management at MetricStream. "MetricStream combines bottom-up data with a top-down approach and over-arching analytics that correlate information risk, security, compliance, and business issues to provide actionable risk intelligence. Furthermore, with MetricStream's recent acquisition of vPanorama technology, we provide the unique capability of bringing top-down risk intelligence and IT GRC controls to the cloud. We also help enhance business value by closely aligning IT investments with organizational strategy and corporate objectives."

[1] IDC, MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance, Doc #IN2672604U, July 2012

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California and can be reached at www.metricstream.com.

Media contact:
Mr. Vinay Bapna
[email protected]
650-620-2955

This press release was issued through eReleases® Press Release Distribution. For more information, visit http://www.ereleases.com.

 

SOURCE MetricStream

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
The Open Compute Project is a collective effort by Facebook and a number of players in the datacenter industry to bring lessons learned from the social media giant's giant IT deployment to the rest of the world. Datacenters account for 3% of global electricity consumption – about the same as all of Switzerland or the Czech Republic -- according to people I met at the recent Open Compute Summit in San Jose. With increasing mobility at the edge of the cloud and vast new dataflows being pre...
GENBAND has announced that SageNet is leveraging the Nuvia platform to deliver Unified Communications as a Service (UCaaS) to its large base of retail and enterprise customers. Nuvia’s cloud-based solution provides SageNet’s customers with a full suite of business communications and collaboration tools. Two large national SageNet retail customers have recently signed up to deploy the Nuvia platform and the company will continue to sell the service to new and existing customers. Nuvia’s capabili...
DevOps means different things to different people. Qubell defines DevOps as the ability for the developer teams to do what they need to do to have this level of self-service. At DevOps Summit, Stan Klimoff, CTO of Qubell, demos the enterprise DevOps platform.
"We help companies that are using a lot of Software as a Service. We help companies manage and gain visibility into what people are using inside the company and decide to secure them or use standards to lock down or to embrace the adoption of SaaS inside the company," explained Scott Kriz, Co-founder and CEO of Bitium, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The WebRTC Summit 2014 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
Even though it’s now Microservices Journal, long-time fans of SOA World Magazine can take comfort in the fact that the URL – soa.sys-con.com – remains unchanged. And that’s no mistake, as microservices are really nothing more than a new and improved take on the Service-Oriented Architecture (SOA) best practices we struggled to hammer out over the last decade. Skeptics, however, might say that this change is nothing more than an exercise in buzzword-hopping. SOA is passé, and now that people are ...
Cloud computing started a technology revolution; now DevOps is driving that revolution forward. By enabling new approaches to service delivery, cloud and DevOps together are delivering even greater speed, agility, and efficiency. No wonder leading innovators are adopting DevOps and cloud together! In his session at DevOps Summit, Andi Mann, Vice President of Strategic Solutions at CA Technologies, explored the synergies in these two approaches, with practical tips, techniques, research data, wa...
WSM International is launching a DevOps services division that offers assessment, consulting and implementation to large enterprises and organizations with complex infrastructures. This is the first independent services company to create a dedicated practice to help organizations looking to transition to the DevOps model. The concept of DevOps is to blend information technology (IT) software development with operations to optimize the computing infrastructure according to the specific needs of ...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
SYS-CON Events announced today that Cisco, the worldwide leader in IT that transforms how people connect, communicate and collaborate, has been named “Gold Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cisco makes amazing things happen by connecting the unconnected. Cisco has shaped the future of the Internet by becoming the worldwide leader in transforming how people connect, communicate and collaborat...
15th Cloud Expo, which took place Nov. 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, expanded the conference content of @ThingsExpo, Big Data Expo, and DevOps Summit to include two developer events. IBM held a Bluemix Developer Playground on November 5 and ElasticBox held a Hackathon on November 6. Both events took place on the expo floor. The Bluemix Developer Playground, for developers of all levels, highlighted the ease of use of Bluemix, its services and functionalit...
Temasys has announced senior management additions to its team. Joining are David Holloway as Vice President of Commercial and Nadine Yap as Vice President of Product. Over the past 12 months Temasys has doubled in size as it adds new customers and expands the development of its Skylink platform. Skylink leads the charge to move WebRTC, traditionally seen as a desktop, browser based technology, to become a ubiquitous web communications technology on web and mobile, as well as Internet of Things...
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that robomq.io will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. robomq.io is an interoperable and composable platform that connects any device to any application. It helps systems integrators and the solution providers build new and innovative products and service for industries requiring monitoring or intelligence from devices and sensors.
Today, IT is not just a cost center. IT is an enabler and driver of business. With the emergence of the hybrid cloud paradigm, IT now has increasingly more capabilities to create new strategic opportunities for a business. Hybrid cloud allows an organization to utilize multi-tenant public clouds, dedicated private clouds, bare metal hosting, and the associated support and services for the right use cases through an on-demand, XaaS model. This model of IT creates tremendous opportunities for busi...
Chef announced that James Casey has been appointed Vice President of Engineering. Casey has more than a decade of experience managing engineering and operations for CERN and is a three-year Chef veteran. Casey brings deep expertise in DevOps practices, as well as an innate understanding of the needs of Chef customers and the community. Casey will oversee the quality and cadence of product development for Chef's engineering and operations teams, and will report to Chef CEO Barry Crist.
DevOps tasked with driving success in the cloud need a solution to efficiently leverage multiple clouds while avoiding cloud lock-in. Flexiant today announces the commercial availability of Flexiant Concerto. With Flexiant Concerto, DevOps have cloud freedom to automate the build, deployment and operations of applications consistently across multiple clouds. Concerto is available through four disruptive pricing models aimed to deliver multi-cloud at a price point everyone can afford.
Docker is an excellent platform for organizations interested in running microservices. It offers portability and consistency between development and production environments, quick provisioning times, and a simple way to isolate services. In his session at DevOps Summit at 16th Cloud Expo, Shannon Williams, co-founder of Rancher Labs, will walk through these and other benefits of using Docker to run microservices, and provide an overview of RancherOS, a minimalist distribution of Linux designed...
Business as usual for IT is evolving into a “Make or Buy” decision on a service-by-service conversation with input from the LOBs. How does your organization move forward with cloud? In his general session at 16th Cloud Expo, Paul Maravei, Regional Sales Manager, Hybrid Cloud and Managed Services at Cisco, discusses how Cisco and its partners offer a market-leading portfolio and ecosystem of cloud infrastructure and application services that allow you to uniquely and securely combine cloud busi...
Businesses are looking to empower employees and departments to do more, go faster, and streamline their processes. For all workers – but mobile workers especially – utilizing the cloud to reconnect documents and improve processes without destructing existing workflows can have a dramatic impact on productivity. In his session at 16th Cloud Expo, Mark Grilli, vice president of Acrobat Solutions marketing at Adobe Systems Incorporated, will outline new ways that the cloud is changing the way peo...