Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

5/27/2010
11:33 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rapid7 And Agiliance Integrate Their Products

Technology integration will provide rich vulnerability data, risk metrics, and enterprise compliance intelligence to customers

BOSTON & SAN JOSE, Calif. --May 25, 2010 -- Rapid7', the leading provider of unified vulnerability management, compliance and penetration testing solutions, and Agiliance, the leading provider of real-time integrated Governance, Risk and Compliance (GRC) solutions, today announced a technology integration that will provide rich vulnerability data, risk metrics, and enterprise compliance intelligence to customers. Armed with this vulnerability, threat and compliance information, organizations can make better informed business decisions to meet internal security policies and meet regulatory compliance requirements.

Organizations are experiencing more threats, both internal and external, and are increasingly turning to GRC solutions to both improve visibility into their enterprise-wide risk posture and automate compliance processes. To meet these critical business needs, Agiliance has integrated its GRC solution, RiskVisionTM, with Rapid7 NeXpose', the only integrated vulnerability management solution that allows organizations to manage network, operating system, Web application and database security strategies. NeXpose also provides the industry’s most comprehensive risk scoring and prioritized remediation reports. By combining rich threat data from NeXpose with RiskVision’s real-time risk and compliance management platform, joint customers now have a robust, closed loop solution that leverages the power of both platforms to proactively manage information security threats.

This unique integration brings together two of the industry’s top solutions. Rapid7 NeXpose received the highest possible rating of “Strong Positive” in Gartner's “MarketScope: Vulnerability Assessment, 2010.” In addition, Agiliance RiskVision received the highest possible rating of “Strong Positive” in the latest Gartner “MarketScope for IT-GRCM.” The integration of NeXpose IT asset and vulnerability data with the continuously monitored asset configuration, patch status and compliance metrics in Agiliance RiskVision allows organizations to understand their complete security posture in real-time. Agiliance’s industry leading workflow and bi-directional integrations with ticketing and patch management systems also enable organizations to automate the prioritization and response to threats based on business priorities.

“GRC is critical for meeting security best practices and protecting business-critical information. Combined with rich vulnerability data and compliance intelligence gathered across the entire IT infrastructure, GRC becomes even more effective,” said Mike Tuchen, president and CEO for Rapid7. “This integration gives joint customers access to richer, prioritized vulnerability and risk data for comprehensive analysis and visibility, even as their business and IT infrastructure continue to grow. Rapid7 provides vulnerability and asset data that no other security company harnesses with our vulnerability management solutions.”

“The integration with Rapid7 further strengthens Agiliance’s industry leading GRC solution, providing complete closed loop risk and compliance automation,” said Joe Fantuzzi, president and CEO for Agiliance. “By linking vulnerability and asset data results from Rapid7 NeXpose to compliance and risk requirements, this integration enables enterprises to achieve continuous compliance with automation and avoid audit fatigue.”

About Rapid7

Rapid7 is the leading provider of unified vulnerability management, compliance, and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC. Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits. For more information, visit www.rapid7.com.

About Agiliance

Agiliance, founded in 2005, is a leading provider of enterprise Governance, Risk and Compliance (GRC) solutions. Global Fortune 5000 companies leverage Agiliance's award-winning technologies to address increasingly stringent GRC requirements and complex security threats. The Agiliance GRC solution enables organizations to manage their IT, security and operational risks more effectively, while reducing the cost of meeting compliance mandates. Agiliance RiskVisionTM is a fully integrated suite of GRC applications, delivered on a purpose-built GRC technology platform. RiskVision has received the highest rating of "Strong Positive" in the latest Gartner MarketScope for IT-GRCM, as well as the highest rating of "Leader" in the latest Forrester Wave for IT Risk and Compliance Software. For more information, visit www.agiliance.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/11/2021
Edge-DRsplash-10-edge-articles
Cybersecurity: What Is Truly Essential?
Joshua Goldfarb, Director of Product Management at F5,  5/12/2021
Commentary
3 Cybersecurity Myths to Bust
Etay Maor, Sr. Director Security Strategy at Cato Networks,  5/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18178
PUBLISHED: 2021-05-18
Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."
CVE-2020-20214
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVE-2020-20222
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20236
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
CVE-2020-20237
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.