Risk
2/21/2013
01:16 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

TraceSecurity ACloud-based IT GRC Solution To SMEs And SMBs

TraceCSO delivers comprehensive visibility and accountability for improved risk and compliance profiles

LOS GATOS, Calif. -- Feb. 21, 2013 -- TraceSecurity, the pioneer in cloud-based IT governance, risk and compliance (GRC) solutions, and Qualys, Inc., a pioneer and leading provider of cloud security and compliance management solutions, today announced an integration partnership enabling organizations to leverage their investments in QualysGuard® Vulnerability Management (VM) solution when deploying cloud-based comprehensive IT GRC programs from TraceSecurity's TraceCSO solution.

TraceCSO is the industry's first cloud solution for a holistic and risk-based information security program that delivers comprehensive visibility and accountability for improved risk and compliance profiles across all areas of an organization, including cloud environments. While TraceCSO is equipped with its own vulnerability management capabilities, this integration enables QualysGuard users to manage their vulnerability scan results within TraceCSO's centralized interface, and influence other areas of the TraceCSO IT GRC program, such as Risk, Audit, and Compliance Management, just as they would with TraceSecurity's own vulnerability management solution.

"Vulnerability management is core to IT GRC, and we are pleased to offer this integration with TraceCSO's unique cloud-based IT GRC program solution," said Philippe Courtot, chairman and CEO of Qualys. "This integration helps us further support the SMB and SME market by enabling customers to import results from QualysGuard scans into TraceSecurity's IT GRC solution designed for the mid-market."

Vulnerability management is a critical element of an IT GRC solution and an organization's overall information security program. While the identification, classification, remediation, and mitigation of vulnerabilities itself is important, it is essential that the information gathered from vulnerability scanning can impact other critical information security program functions such as risk management, IT auditing, and overall compliance postures to ensure the organization has a complete picture of its overall risk profile.

"We find that many of our prospects are also Qualys customers, and we were pleased to rapidly respond to meet their requests to integrate with QualysGuard," said Peter Stewart, president and CEO of TraceSecurity. "With seamless integration into TraceCSO's workflow, alerting, reporting, and ticketing systems, Qualys customers will continue to benefit from their investments in vulnerability management while leveraging a leading and complete cloud-based IT GRC software solution. We look forward to our continued work and development through this partnership with Qualys."

TraceCSO allows organizations of any size, industry or security skill set to evaluate, create, implement and manage a comprehensive risk-based information security program, to protect their organizations from today's top information security risks, including cloud security and "bring your own device" (BYOD) concerns. Unlike current information security program solutions, which simply provide a console and no remediation tools, TraceCSO identifies and prioritizes risk to an organization's information – including network vulnerabilities – and identifies, implements and audits security controls. To help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 25,000 regulations and citations.

About TraceSecurity

TraceSecurity, the leading pioneer in cloud-based security solutions, provides IT governance, risk and compliance (GRC) management solutions. The company's cloud-based services help organizations achieve, maintain and demonstrate security compliance while significantly improving their security posture. With more than 1,500 customers, TraceSecurity supports the security and risk management efforts of organizations in financial services, healthcare, high-tech, insurance, government, education and other regulated sectors. Founded in 2004, the company has executive offices in Silicon Valley and offices in Baton Rouge, La. For more information, call (225) 612-2121 or visit www.tracesecurity.com.

About Qualys

Qualys, Inc. (NASDAQ: QLYS), is a pioneer and leading provider of cloud security and compliance solutions with over 6,000 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions helps organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5242
Published: 2014-10-21
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.

CVE-2012-5243
Published: 2014-10-21
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.

CVE-2012-5702
Published: 2014-10-21
Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name parameter in an addedit action to i...

CVE-2013-7406
Published: 2014-10-21
SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2531
Published: 2014-10-21
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , (2) SiteWorx, or (3) R...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.