Risk
2/28/2014
07:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

TraceSecurity Enhances TraceCSO To Simplify IT GRC Management

Customers will see improvements in key features, new functionality, and other enhanced performance metrics

San Francisco, CA – RSA Conference – February 25, 2014

TraceSecurity, the pioneer in cloud-based IT governance, risk and compliance (GRC) solutions, continues its strategy of bringing simplicity to organizations faced with managing security threats, and the governance and compliance mandates that accompany them. In March, TraceCSO customers will see improvements in key features, new functionality and other enhanced performance metrics.

TraceSecurity development engineers have focused on four key areas in today's update. They include:

· Business object reporting – TraceCSO has added a layer of business object reporting on top of its risk assessment module, translating IT content into a form that is more easily consumable across business organizations. Assets are associated with business objects, delivering better categorization of risks and showcasing the potential damaging effects of identified risks in a context that communicates well with non-IT decision makers.

· Vendor questionnaires and surveys – This inline capability streamlines and automates the often onerous process of collecting security information from vendors. The feature ensures that results are consistent and can be reported in aggregate, eliminating errors and delivering added visibility into vendor relationships for decision makers.

· Remediation Planning – This enhancement is particularly well suited for small- and mid-sized organizations with limited IT personnel. The workflow feature, designed using industry standard, rules-based best practices, guides users through the decision-making process for every risk. Organizations can define the criteria by which a risk requires action, taking the necessary steps to manage visits within acceptable parameters.

· Partner efficiencies – TraceSecurity is making it easier for its MSSP partners and resellers to better serve their clients. Enhanced features allow partners to pre-set content for clients, making it easier to configure implementations and deliver a faster and more complete "out-of-the-box experience" for new customers.

"The goal of these new features is to take the risk out of risk management," said Josh Stone, director of product management at TraceSecurity. "We're working every day to simplify information security management for industries already challenged with high costs associated with IT infrastructures, a shortfall in security specialists, and rapidly changing regulatory mandates."

TraceSecurity has modified other aspects of the TraceCSO software suite to ensure continued ease-of-use and customer satisfaction. These include:

· Numerous screens were enhanced to increase performance and add configurable fields. This allows clients to tune the interface to achieve greater simplicity and enable optional, advanced features.

· TraceCSO supports both high-demand users and others seeking a more simplistic solution. Screens can now be customized to show only the fields necessary to support unique customer requirements.

· Today's TraceCSO is also significantly faster than earlier iterations, in some cases improving page loads by as much as 8 to10 times.

TraceCSO is the industry's first cloud solution for a holistic and risk-based information security program that delivers comprehensive visibility and accountability for improved risk and compliance profiles across all areas of an organization. TraceCSO allows organizations of any size, industry or security skill set to evaluate, create, implement and manage a comprehensive risk-based information security program, to protect their organizations from today's top information security risks. Launched just over a year ago, TraceCSO has been implemented for some 250 clients, across industries including financial services, healthcare, education, legal, technology and government.

About TraceSecurity

TraceSecurity, a leading pioneer in cloud-based security solutions, provides IT governance, risk and compliance (GRC) management solutions. The company's cloud-based services help organizations achieve, maintain and demonstrate security compliance while significantly improving their security posture. With more than 1,700 customers, TraceSecurity supports the security and risk management efforts of organizations in financial services, healthcare, high-tech, insurance, government, education and other regulated sectors. Founded in 2004, the company has executive offices in Silicon Valley and offices in Baton Rouge, La. For more information, call (225) 612-2121 or visit www.tracesecurity.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1978
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an administrator via a request to auth/admi...

CVE-2015-0741
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.

CVE-2015-0742
Published: 2015-05-21
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registrati...

CVE-2015-0746
Published: 2015-05-21
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

CVE-2015-0915
Published: 2015-05-21
Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted attachment filename.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.