Click here to close now.


Microsoft Cloud Authors: Jayaram Krishnaswamy, Elizabeth White, Andreas Grabner, Jim Kaskade, Pat Romanski

News Feed Item

eGestalt Announces Next Generation Security Posture Management With Aegify

Cloud-Based, Software-Only Solution Is Powered by Rapid7 Technology

SANTA CLARA, CA -- (Marketwire) -- 11/19/12 -- eGestalt Technologies (, a provider of IT security monitoring and compliance management for SMBs and enterprises, today announced Aegify, the world's first completely integrated and unified IT-GRC and cloud-based Security Posture Management (SPM) product using a completely software-based solution.

Security Posture Management (SPM) is the art and science of monitoring and managing business security status by orchestrating process, people, and technological resources to achieve security objectives. This involves identifying business critical IT assets, evaluating their risks based on vulnerabilities and the impact of potential threats, and mapping results directly to controls to initiate appropriate countermeasures.

Aegify SPM is powered by Rapid7's Nexpose vulnerability management technology, which scans physical and virtual networks, databases, operating systems and web applications, enabling customers to remediate vulnerabilities and misconfigurations and to enforce policies. Rapid7 ( is a leading provider of IT security risk management solutions used by more than 2,000 enterprises and government agencies in more than 65 countries.

Aegify is a complete integration of eGestalt's HIPAA and PCI compliance tool SecureGRC, with security posture management capability using an innovative, patent-pending expert systems technology to automatically map the security vulnerabilities to compliance mandates. The tool can import data from other standard vulnerability scanners in the industry as well.

Says eGestalt President Anupam Sahai, "We are very excited about the strategic partnership with Rapid7. Aegify is the first true software- and cloud-based unified security and IT-GRC solution on the market with end-to-end automation including vendor management and support for multiple compliance business frameworks such as PCI, HIPAA/HITECH, SOX, FISMA, and GLBA. This is also the first product in the market which can automatically map security vulnerabilities to compliance mandates using an innovative expert systems approach thereby eliminating manual work required and saving significant costs. It advances the state of the art in the industry besides still continuing to be 10 to 20 times more cost-effective than any other competing solution."

There are thousands of security exposures identified and documented as vulnerabilities. Tools used by cyber-attackers are very sophisticated and attackers can breach the perimeter and steal data within seconds and minutes. Businesses are often caught unaware, discovering the breach only weeks and sometimes months afterwards.

"Aegify SPM brings a new cloud-based approach to managing security posture that is innovative, easy to use, and extremely valuable for defenders," said Sheldon Malm, Senior Director of Strategic Partners and Alliances at Rapid7. "By leveraging Rapid7 technology, Aegify SPM provides a comprehensive view of exposure risk that is directly connected to business assets and compliance management. This is a complementary offering that will benefit our joint customers."

A cloud application, Aegify's SPM "all hands on deck" threat management approach performs asset discovery, vulnerability analysis, risk profiling, threat impact analysis and compliance mapping. It can identify 92,000 vulnerability checks for more than 31,800 vulnerabilities across physical and virtual networks, operating systems, databases, and Web applications.

The cloud-based Aegify engine is driven in large part by eGestalt's flagship product Aegify SecureGRC, a unified security and compliance management tool that includes all of the necessary security and IT-GRC functionality required to gain control and improve compliance levels across more than 400+ regulations.

While the framework allows for the easy plug-in of any regulation or standard, eGestalt currently offers to the channel ready-to-roll compliance services with built-in frameworks to support the most stringent and popular regulations including PCI, HIPAA/HITECH, SOX, FISMA, and GLBA, as well as more country-specific regulations. Extensible with built-in frameworks, the Aegify SecureGRC solution offers a simplified approach for PCI, HIPAA/HITECH and other country specific frameworks ready-to-use out of the box. It provides automated mapping of a network's security posture to compliance controls.

All told, the integrated Security Posture Management solution Aegify offers a single approach to security and compliance management, and because it is delivered as SaaS, it is available at low cost due to its pay-as-you-grow model.

A Community Edition for diagnostics is available as a free download at For further details please call (408) 689-2586 or email [email protected].

About Rapid7 Nexpose
Nexpose proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. This gives organizations immediate insight into the security posture of their IT environment by conducting over 92,000 vulnerability checks for more than 31,800 vulnerabilities. The solution leverages one of the largest vulnerabilities databases to identify vulnerabilities across networks, operating systems, databases, Web applications and virtual assets. Risk is classified based on real exploit intelligence combined with industry standard metrics such as CVSS, as well as temporal and weighted risk scoring. Nexpose provides a detailed, sequenced remediation roadmap with time estimates for each task. Nexpose is used to help organizations improve their overall risk posture and security readiness as well as to comply with mandatory regulations, including security requirements for PCI, HIPAA, ARRA HITECH ACT, FISMA (including SCAP, USGCB, FDCC and CyberScope Compliance), Sarbanes-Oxley (SOX) and NERC CIP. Nexpose is a Common Criteria EAL3+ product and received the SC Magazine Vulnerability Assessment Tool of the Year Award in 2012.

About eGestalt Technologies Inc.
eGestalt ( is a world-class, innovation driven, leading provider of cloud-computing based enterprise solutions for information security and IT-GRC management. eGestalt is headquartered in Santa Clara, CA, and has offices in the US, Asia-Pacific and Middle East. eGestalt SecureGRC was given a rating of 4.5 stars (out of a maximum 5) with 5 stars for Features, Support and Value for money by SC magazine in June 2012. In Feb. 2012 eGestalt President Anupam Sahai was named a Channel Chief by Everything Channel's CRN. eGestalt has been ranked in the Top 10 Vendors for Compliance Management and Data Access & Security by Hypatia Research, Q4 2011. eGestalt was nominated Breakthrough Technology Vendor at XChange Americas, Aug. 2010, and selected by SiliconIndia among the "Top 10 Security Companies to Watch." Its SecureGRC application was voted runner-up in the Managed Services Category at XChange Tech Innovators, Nov. 2010. In Sept. 2011 it was selected by Everything Channel as a 2011 CRN Emerging Technology Vendor as well as a 2011 Tech Innovator for Managed Services.

Add to Digg Bookmark with Add to Newsvine

Press Contact:
Victor Cruz
For eGestalt Technologies
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete end-to-end walkthrough of the analysis from start to finish. Participants will also be given the pract...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in high-performance, high-efficiency server, storage technology and green computing, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and Embedded Systems worldwide. Supermi...
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing these ideas and some early experiments performed in the Kurento open source software community in areas ...
Electric power utilities face relentless pressure on their financial performance, and reducing distribution grid losses is one of the last untapped opportunities to meet their business goals. Combining IoT-enabled sensors and cloud-based data analytics, utilities now are able to find, quantify and reduce losses faster – and with a smaller IT footprint. Solutions exist using Internet-enabled sensors deployed temporarily at strategic locations within the distribution grid to measure actual line loads.
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, will explore the current state of IoT connectivity and review key trends and technology requirements that will drive the Internet of Things from hype to reality.
There will be 20 billion IoT devices connected to the Internet soon. What if we could control these devices with our voice, mind, or gestures? What if we could teach these devices how to talk to each other? What if these devices could learn how to interact with us (and each other) to make our lives better? What if Jarvis was real? How can I gain these super powers? In his session at 17th Cloud Expo, Chris Matthieu, co-founder and CTO of Octoblu, will show you!
Today’s connected world is moving from devices towards things, what this means is that by using increasingly low cost sensors embedded in devices we can create many new use cases. These span across use cases in cities, vehicles, home, offices, factories, retail environments, worksites, health, logistics, and health. These use cases rely on ubiquitous connectivity and generate massive amounts of data at scale. These technologies enable new business opportunities, ways to optimize and automate, along with new ways to engage with users.
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes about through a Communications Platform as a Service which allows for messaging, screen sharing, video...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
SYS-CON Events announced today that Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, will keynote at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC converts the entire network into a ubiquitous communications cloud thereby connecting anytime, anywhere through any point. In his session at WebRTC Summit,, Mark Castleman, EIR at Bell Labs and Head of Future X Labs, will discuss how the transformational nature of communications is achieved through the democratizing force of WebRTC. WebRTC is doing for voice what HTML did for web content.
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data shows "less than 10 percent of IoT developers are making enough to support a reasonably sized team....
The IoT market is on track to hit $7.1 trillion in 2020. The reality is that only a handful of companies are ready for this massive demand. There are a lot of barriers, paint points, traps, and hidden roadblocks. How can we deal with these issues and challenges? The paradigm has changed. Old-style ad-hoc trial-and-error ways will certainly lead you to the dead end. What is mandatory is an overarching and adaptive approach to effectively handle the rapid changes and exponential growth.
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi's VP Business Development and Engineering, will explore the IoT cloud-based platform technologies driving this change including privacy controls, data transparency and integration of real time context w...
The IoT is upon us, but today’s databases, built on 30-year-old math, require multiple platforms to create a single solution. Data demands of the IoT require Big Data systems that can handle ingest, transactions and analytics concurrently adapting to varied situations as they occur, with speed at scale. In his session at @ThingsExpo, Chad Jones, chief strategy officer at Deep Information Sciences, will look differently at IoT data so enterprises can fully leverage their IoT potential. He’ll share tips on how to speed up business initiatives, harness Big Data and remain one step ahead by apply...
Developing software for the Internet of Things (IoT) comes with its own set of challenges. Security, privacy, and unified standards are a few key issues. In addition, each IoT product is comprised of at least three separate application components: the software embedded in the device, the backend big-data service, and the mobile application for the end user's controls. Each component is developed by a different team, using different technologies and practices, and deployed to a different stack/target - this makes the integration of these separate pipelines and the coordination of software upd...