This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."
Download it now to read this article plus other related content.
TraceSecurity Risk Manager
| for 2 years|
That's a lot for any organization, especially those outside traditionally highly regulated industries and/or lack the resources and expertise to adequately monitor and enforce their policies and deliver auditable reports.
TraceSecurity takes on the heavy lifting of compliance for SMBs through its SaaS suite, Compliance Manager, and several related services. Risk Manager 1.0, its newest service, maintains an automated, continuous risk assessment process for customers, a significant step beyond one-time, third-party assessments conducted by TraceSecurity and many other consulting firms.
"In the past, we would do all the work, give our report and walk away," says CTO Jim Stickley. "It wasn't that functional after we left--just a snapshot of their life."
Risk Manager scans the network and delivers risk scores, profiles and reports based on potential threats and asset criticality as determined by the customer, guiding risk management and mitigation, and satisfying audit requirements.
It can be applied to nontechnical risks as well, to help form disaster recovery/business continuity plans.
TraceSecurity's flagship service, Compliance Manager, provides continual monitoring, measures current security progress and posture and produces vulnerability reports and remediation recommendations.
This was first published in March 2008