nCircle Debuts nCircle Benchmark

Cloud-based solution offers metrics and scorecards for measuring and benchmarking security and compliance program performance

February 3, 2011

5 Min Read


SAN FRANCISCO—February 2, 2011—nCircle, the leader in automated security and compliance auditing solutions, today announced nCircle Benchmark, the world’s first security and compliance benchmarking service that enables organizations to compare the performance of their entire IT security ecosystem against their own goals and the performance of industry peers. nCircle Benchmark is a Cloud-based service that securely and reliably assesses customer IT security performance with objective, industry-proven metrics to deliver actionable, visual scorecards. The service then compares these scorecards against industry benchmarks continuously aggregated from nCircle Benchmark community participants.

nCircle Benchmark delivers visibility across multi-vendor security and compliance environments including configuration auditing, vulnerability management, patch management, anti-virus and endpoint protection and identity and access management using at-a-glance metrics and scorecards to deliver fact-based, consistent answers to these critical enterprise security questions:

* Are we meeting our security and compliance goals? * How does our performance compare with our peers? * Are we investing effectively?

“This service is going to change the industry. There is a strong need for a way to compare security and compliance performance across companies and Federal agencies,” stated Richard Stiennon, Chief Research Analyst at IT-Harvest. “This is the first service of its kind and creates a metrics-based language for CISO’s that has been missing to date in security and compliance disciplines.”

nCircle Benchmark provides a broad range of scorecards that can be presented by industry, company size, geography and assets under management. Internal metrics can be analyzed by an even wider range of criteria including risk profile, organizational structure and compliance requirements. nCircle Benchmark also includes an optional Metrics Design Studio for users to design and produce custom metrics and scorecards of their own.

“Our CIO and executive management always ask how we compare to our peers in the industry before they will fund compliance projects and toolsets,” said Cliff Reeser, IT Director, Global Security Operations of NetApp. “nCircle Benchmark is built on a rich foundation of metrics and scorecards and will give us the information that will help us make more informed security investment decisions.”

nCircle Benchmark is Free and Available Now The basic edition of nCircle Benchmark is free and available now to current nCircle customers. Free, basic editions of nCircle Benchmark Metrics Packs for additional vendors will be rolling out weekly beginning on February 14th. To get started, users simply visit to create an account, download and connect the appropriate nCircle Benchmark Metrics Engine. Within minutes customers can be viewing metrics and scorecards of their security performance and comparing results to a benchmark of their peers.

“nCircle Benchmark is a revolutionary new service on many levels,” said Abe Kleinfeld, CEO of nCircle. “Just as CFOs have a standard ‘metrics language’ for communicating financial performance to both financial and non-financial audiences, nCircle Benchmark enables the Chief Security Officer to communicate security program performance and effectiveness to broad audiences.” Mr. Kleinfeld added, “nCircle Benchmark is poised to become the security performance tide that raises all ships—organizations now have community-based benchmarks and best practices for comparing their performance and driving it to new heights.” nCircle Benchmark Metrics Packs for Vulnerability Management and Configuration Auditing are available to all nCircle Suite360 customers today and will be available for additional vendors’ products on February 14th, 2011. These free vulnerability management and configuration auditing metrics packs include Benchmarks for:

* Average risk score per host * Average number of days since last vulnerability scan * Vulnerability distribution by platform * Vulnerability distribution by severity * Configuration change rate * Applied policy categories by platform * Compliance by platform * Percent of policy compliance by platform

Additional Metrics Packs will become available in the following weeks with hundreds of new scorecards for measuring and comparing performance across the entire IT security ecosystem.

nCircle Benchmark is Highly Secure nCircle has taken great care to ensure the integrity and security of nCircle Benchmark data. All nCircle Benchmark data is secured and encrypted in transit and at rest. Benchmarks are stored in unique-per-customer databases and are protected using auditable aggregation methods. Only aggregated metric results are sent to the cloud; and detailed source data never leaves the customer’s network.

“nCircle Benchmark is a quantum leap forward for our customers. It is strategically important for organizations to understand and communicate the true state of their security risk and compliance posture across the enterprise,” said Jim Acquaviva, Vice President of Product Strategy at nCircle. “nCircle Benchmark provides an extraordinary set of capabilities that assure consistency and comparability of results for organizations to cost effectively unify enterprise security and compliance performance analysis through fact-based metrics and scorecards.” More nCircle Benchmark Metrics Packs will become available weekly over the next 90 days for the most popular products in the categories of vulnerability management, configuration auditing, patch management, anti-virus and endpoint protection, identity and access management, and more. In addition to the free Basic Metrics Packs, Standard and Premium Metrics Packs will soon be available for each category of security product, as well as an Enterprise Metrics Pack of the complete nCircle Benchmark catalog.

For more information, please visit the website.

About nCircle nCircle is the leading provider of automated security and compliance auditing solutions. More than 5,500 enterprises, government agencies and service providers around the world rely on nCircle's proactive solutions to manage and reduce security risk and achieve compliance on their networks. nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. Additional information about nCircle is available at

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights