Review: eGestalt Technologies SecureGRC

By

It is a solid citation-based configurable risk model but is light on compliance content.

SecureGRC is a cloud-based, software-as-a-service (SaaS) enterprise application that provides security and regulatory compliance management. It unifies security monitoring and compliance into a single solution to address needs around risk management.

This is a young product, v1.0 shipped in August 2010. The beta version we were shown is due to be released soon. It focuses on the assessment portion of the risk effort. We were told that the final version will also support remediation through the integration of support for threat and vulnerability data.
The combined security monitoring and IT-GRC solution provides automation and integration of security and policy controls in a ready-to-use automation framework. SecureGRC currently comes with prepopulated content and support for PCI DSS 1.2 and HIPAA.

On the remediation options front, SecureGRC provides real-time status on the current state of security and compliance and then offers a checklist of questions that guides the process along, asking for proof of documentation to fulfill the compliance request. No prior knowledge of any particular compliance regulation is necessary in order to use SecureGRC. Users simply follow the application's list of instructions and upload the required documents, and the system will generate a report that can be presented to auditors to prove compliance.

The hosted model was developed with multitenant security in mind and includes security at all transmit and service levels. There is an option in the hosted pricing to pay as you use this tool, i.e., per assessment.  Subscription is $750 per year (MSRP) for SecureGRC SB and $9,100 per year (MSRP) for full SecureGRC. It is SaaS only, with no on-premise software.

The product takes an interesting approach to risk management, and we believe the final version - which includes more in-depth reporting and compliance content, and delivers on the remediation front - will be worth a look.

Review: eGestalt Technologies SecureGRC

If the product delivers as promised in final release, it is worth a look.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
compliancegovernancegrcrisksecuritytechnologies

Sponsored Whitepapers

Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack
Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?