MetricStream IT-GRC integrates with QualysGuard Vulnerability Management

MetricStream and Qualys announced the integration of MetricStream IT-GRC Solution with QualysGuard Vulnerability Management (VM).

The joint solution provides a single robust framework to automatically monitor and capture all asset and network vulnerabilities, and route them through a systematic process of investigation and remediation. This integration enables customers to quickly identify and report on the vulnerabilities affecting business critical assets, map security issues to business applications, and aggregate and rollup risk information across their enterprise for proactive mitigation.

Many compliance regulations today lay out requirements for IT security and business risks. This has led to a greater convergence between the disciplines of IT security and IT-GRC. The joint solution addresses this convergence, providing an integrated and efficient approach to managing IT risks.

QualysGuard VM locates and identifies network devices and applications, scans those devices and applications to detect vulnerabilities, and provides detailed information on the nature of those vulnerabilities. MetricStream IT-GRC solution imports this data in real time, and initiates immediate remedial action by assigning investigative responsibilities to the appropriate personnel.

Automatic alerts ensure that action plans are carried out to closure, while advanced dashboards and reports provide in-depth visibility into the status of each case, enabling real-time tracking and trend analysis.

“IT security managers are under enormous pressure to protect IT assets – a task that becomes more challenging as networks grow more complex, and security threats become more sophisticated,” says Vidya Phalke, CTO at MetricStream. “The use of virtualized infrastructure is rising, smart phones and tablets are proliferating, reliance on managed IT services is increasing, and business managers are independently driving the adoption of cloud applications. These trends are introducing a whole new class of risks and threats that enterprises need to deal with. Our partnership with Qualys will strengthen organizations’ ability to tackle these security risks and compliance challenges.”