Brinqa Sponsoring 2012 Gartner Security & Risk Management Summit
Brinqa & McAfee Webcast April 17th, How to Tame Your Security Risk
Brinqa Sponsoring 2012 FS-ISAC & BITS Annual Summit
Brinqa Sponsoring Shared Assessments Summit 2012
Brinqa Exhibiting at RSA Conference 2012
PRESS RELEASE: Brinqa GRC Achieves McAfee Compatibility Status
Integrated Risk Analytics: Brinqa GRC Achieves McAfee Compatibility Status
7 Ways Customers Benefit from the Alliance and Compatibility
Austin, Texas – November 17, 2011 – Governance, Risk and Compliance Management solutions provider Brinqa today announced that its GRC Platform solutions has achieved McAfee Compatible status through the McAfee® Security Innovation Alliance partner program. Brinqa has integrated its GRC Platform with McAfee® Vulnerability Manager, enabling customers to aggregate their data into a single, intuitive, user-friendly dashboard view of risk. This combination of McAfee Vulnerability Manager asset discovery with Brinqa’s asset life-cycle management and asset classification provides a comprehensive GRC solution which many enterprises desire.
The integration provides a number of important benefits to a wide range of industry sectors, public agencies, and non-profit organizations including:
- Integrated risk scoring
- Full network asset life-cycle
- Centralized asset repository
- Automated, quantitative application risk assessments
- Compliance metrics scorecard providing a library of vulnerability management metrics
- Consolidated data allowing for comprehensive application risk score for critical applications
- Automated and continuous compliance assurance by leveraging Brinqa control monitoring tool and McAfee Vulnerability Manager’s policy violation results
“We’re pleased that Brinqa has completed their integration and successfully passed testing of an important solution for our joint customers ,” said Ed Barry, vice president of the Security Innovation Alliance, McAfee. “The integration of Brinqa Risk Manager with McAfee Vulnerability Manager delivers a comprehensive solution for managing application risk scores for critical applications.”
McAfee Vulnerability Manager finds and prioritizes security vulnerabilities and policy violations on networks, balancing asset criticality with vulnerability severity to enable IT managers and enterprise executives to focus protection on the most important assets. For more information about McAfee Vulnerability Manager, please visit: http://www.mcafee.com/us/products/vulnerability-manager.aspx
“With this integration and business relationship, we have been able to show the value that Brinqa brings to our customers: a compelling aggregated view of risk”, said Amad Fida, CEO. “We continue to strive to solve our customer’s problems around attaining higher quality data to drive better decision making”.
Brinqa provides a robust GRC platform which has the following features integrated in a single solution:
- Policy management – Brinqa provides online policy management that allows complete policy lifecycle management, collaboration, and publishing
- Control monitoring – Brinqa provides complete control lifecycle management, with the capability to perform automated control tests on the various connectors
- Compliance assessment – Brinqa provides assessment management and support for best practice delivery
- Issue & Action tracking – Brinqa provides centralized issue management with the capability to manage data and reports from various sources, such as audit and control deviations. It also allows for manually created issues to be stored in that same single repository
About Brinqa
Brinqa provides enterprises and government agencies with governance, risk management, and compliance solutions that enable the continuous improvement of operational and regulatory efficiencies and effectiveness. Brinqa’s offering is the most comprehensive available on the market today, based on our forward-thinking vision of a centralized, fully automated, and re-usable governance, risk and compliance (GRC) platform combined with targeted applications to meet program specific GRC needs. Brinqa streamlines compliance through automation, monitoring of controls, measurement of key metrics and visibility through executive dashboards and reporting.
For more information please contact us via email at sales@brinqa.com or visit us at www.brinqa.com.
Webinar – 10/19 – Effective Policy Management in Today’s Enterprise
What’s a Company’s Biggest Security Risk? You.
Elevating the IT Risk Management Conversation to the Boardroom
PRESS RELEASE: Brinqa and Rapid-7 Deliver Industry-First Integration …
Brinqa and Rapid-7 Deliver Industry-First Integration of Real Exploit Intelligence with Continuous Risk Management
Pioneering Integration Enables Organizations to Factor Exploitability into Risk and Compliance Efforts
San Francisco, CA at the UNITED Security Summit – September 20, 2011 – Governance, Risk and Compliance solutions provider, Brinqa and Rapid7, the leading provider of security risk intelligence solutions, today announced a technology partnership that delivers integrated penetration testing and exploit data with compliance and risk management for the first time. The companies demonstrated the pioneering integration at the UNITED Security Summit, giving attendees insight into the benefits of having meaningful information on real-world exploits and verified vulnerabilities directly imported into a continuous risk management solution used to address Governance, Risk and Compliance (GRC) measures. Now, organizations can run vulnerability scans and penetration tests required by standards such as PCI DSS and leverage the information directly in the tools used to manage the overall compliance process. This significantly reduces the pain associated with meeting the requirements of these standards; increasing productivity and delivering peace-of-mind for business leaders.
“In today’s changing threat landscape, it is critical that organizations have an accurate, precise, and meaningful understanding of their security posture and controls performance, both to meet regulatory requirements and to protect themselves and their customers against attacks,” said Sheldon Malm, senior director of security strategy and alliances at Rapid7. “By exposing penetration testing data along with vulnerability findings in a platform like Brinqa’s, defenders gain far more insight than the simple patch auditing approaches of the past. With that awareness, customers can address security and compliance needs in a way that is practical, productive and fully embedded within operational processes.”
Rapid7’s vulnerability management solution, Nexpose, and penetration testing tool, Metasploit, combine to give users meaningful security risk intelligence so they can understand and enhance their security posture. Found vulnerabilities are mapped against real-world exploit data, enabling users to prioritize remediation for maximum productivity and impact. Combining this rich data with Brinqa’s intuitive GRC platform enables defenders to centralize the intelligence they need within a single risk management platform for in-depth analysis.
Remediation of the high-risk vulnerabilities identified by Rapid7 will be managed within Brinqa’s closed loop issue and action tracking process. The information is incorporated into Brinqa’s executive level dashboards and easy-to-consume reports to communicate the evidence necessary to support investments in managing risks and preventing data breaches with the largest potential business and operational impacts. This new partnership continues to strengthen Brinqa’s Risk Manager, already the leading product offering a centralized view of risk.
“Leveraging Brinqa’s advanced risk modeling and Rapid7’s Nexpose and Metasploit solutions offers organizations a truly unified view of their risk and most significant vulnerabilities for the first time,” said Amad Fida, CEO of Brinqa. “Not only does this partnership uniquely enhance our customers’ understanding of their risk posture, but it also provides a cohesive solution for managing risk reduction.”
This partnership builds on both companies’ commitment to building the risk intelligence and management ecosystem, extending the value delivered to customers through integrated solutions that increase efficiency and effectiveness.
###
About Brinqa
Brinqa provides enterprises and government agencies with governance, risk management, and compliance solutions that enable the continuous improvement of operational and regulatory efficiencies and effectiveness. Brinqa’s offering is the most comprehensive available on the market today, based on our forward-thinking vision of a centralized, fully automated, and re-usable governance, risk and compliance (GRC) platform combined with targeted applications to meet program specific GRC needs. Brinqa streamlines compliance through automation, monitoring of controls, measurement of key metrics and visibility through executive dashboards and reporting. For more information please contact us via email at sales@brinqa.com or visit us at www.brinqa.com.
About Rapid7
Rapid7 is the leading provider of security risk intelligence solutions. Rapid7′s integrated vulnerability management and penetration testing products, Nexpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7′s solutions are being used by more than 1,600 enterprises and government agencies in more than 65 countries, while the Company’s free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies worldwide by Inc. Magazine and is backed by Bain Capital Ventures.
For more information about Rapid7, please visit http://www.rapid7.com.
###
Media Contact:
Brinqa:
Thomas Buckley
(512) 372.1004 ext.101
press@brinqa.com
Rapid7:
Amanda Munroe
617-779-1816
press@rapid7.com
Brinqa presenting at ISACA Hartford – 09/14
Brinqa is Sponsoring the United Security Summit 2011 – 9/19 – 9/1220
Brinqa Joins McAfee Security Innovation Alliance
ForgeRock launches the Global OpenICF Community
Brinqa is Presenting at the ISACA NY Spring 2011 Conference
ISACA New York Metropolitan Spring Conference June 6, 2011
Lessons Learned: Streamlining Application Risk Management for a Global Fortune 500
Today’s application risk management programs are siloed and largely based on manual or partially automated processes. This approach is inefficient, costly, and makes the prioritization of risks across the enterprise nearly impossible. The establishment of a holistic view of a company’s risk posture coupled with automated processes for reaching the right level of risk tolerance results in improved enterprise performance.
This presentation will explore the processes and metrics monitoring solutions used to standardize, automate, and streamline application risk management for a Global Fortune 500 company.
Speaker’s Bio
Amad Fida is the Chief Executive Officer at Brinqa where he drives the vision and overall business strategy. Previously, he was co-founder and Vice President of Engineering at Vaau, a visionary company in Compliance and Role Management. While at Vaau, Amad architected, developed, and delivered the first version of their flagship product and was responsible for setting the strategic technology and product direction until their acquisition by Sun Microsystems in 2008. At Sun, Amad led the Identity Compliance and Role Management business in delivering the #1 Role Management product as rated by industry leading analysts.
Brinqa is Presenting & Exhibiting at the ISACA LA Spring Conference, 4/18-4/20
ISACA LA Spring Conference 2011 – Presentations / Abstracts
Brinqa’s Topic: Cutting the Cost of Compliance with Controls Automation and Monitoring
Today’s internal control testing is being performed manually and/or through partially automated tools which are not connected. Additionally, there is a missing piece in the lack of connectivity between controls definitions and the IT assets they govern. The result is that adherence to regulations and policies are not only difficult to manage, but are often based on inaccurate data and an incomplete audit trail for identification/tracking of issues. In order to maximize the effectiveness of policy governance, risk management and compliance initiatives, a holistic view should be taken on program improvement validation and ROI. This presentation will cover the processes and approaches for tying together your current controls monitoring initiatives for IAM, SIEM, financial controls, and, compliance with laws and regulations such as SOX, Solvency II, PCI etc. into a continuous controls automation and monitoring program.
With continuous control automation and monitoring, companies move into the next generation where efficiency and effectiveness of their controls systems become the focus. Efforts are still streamlined through regulation mappings to policies and the connected controls that ensure adherence. However, by establishing the baseline, the focus can now shift to measurement of the increased ROI of new initiatives, increased process efficiencies and control effectiveness. Sustainable and repeatable processes increase data and control quality, and real-time information on assets prevents loss through proactive remediation or mitigation of control violations. Finally, centralizing the controls management approach provides greater visibility into the effectiveness of existing disparate controls systems.
Speaker’s Bio
Amad is the Chief Executive Officer at Brinqa where he drives the vision and overall business strategy. Previously, he was co-founder and Vice President of Engineering at Vaau a visionary company in Compliance and Role Management. While at Vaau; Amad architected, developed, and delivered the first version of their flagship product; and was responsible for setting the strategic technology and product direction until their acquisition by Sun Microsystems in 2008. At Sun, Amad led the Identity Compliance and Role Management business in delivering the #1 Role Management product as rated by industry leading analysts.
Meet With Us
Brinqa will be exhibiting throughout the conference, so please stop by our booth to check out our continuous governance, risk management, and compliance solutions. To set up time for 1:1 discussions and demos, please send email to kevin.gallagher@brinqa.com
Brinqa is sponsoring the 2011 FS-ISAC & BITS Annual Summit, 5/2-5/4
Deloitte’s Global Risk Management Survey, Seventh Edition
NIST Urges Broader Approach to Federal IT Security
Hilda Perez joins Women in Security Leadership organization
Making your network more secure through networking
On January 20th a group of executive women launched the first of a series of Quarterly Roundtables for an evening of knowledge exchange, networking and skill building with inspiring Women Leaders In IT & Security. Hilda Perez, President & Founder of Brinqa joined the first roundtable as the group began the series with a leadership discussion led by three time Best Selling Author Judith E. Glaser, CEO of the Creating We Institute, and author of Creating WE and the DNA of Leadership.
The vision is to assemble women of influence, power and intelligence working in the information security, risk management, privacy, and audit and compliance industries to discuss the best practices and develop solutions around problems in this space. In doing so we help each other grow and share in our experiences. The roundtable setting keeps the group small and the more intimate setting lends itself to more in-depth conversations. The networking provides an opportunity to personally interact with other global executives in our field. During the session, members collaborate on roundtable exercises, incident simulations, panel discussions and working groups.
Women in Security Leadership organization
Table Hosts included, Mary Beth Borgwing, President Women Leaders in Health Sciences & Technology, Marci McCarthy, CEO and President Tech Exec Networks, Rebecca Bace, CEO and President of Infidel Inc., Judith E. Glaser, CEO of Creating WE Institute.
“The beauty of empowering others is that your own power is not diminished in the process”
Barbara Colorose
Banks’ Technology Response to Regulatory Changes
7 Cyber Crime Facts Executives Need to Know
4 Best Practices for Strengthening Your Hospital’s Health IT Risk
Regulatory Compliance Tops Priority List for CIOs
Regulatory Intelligence Enabled by a GRC Technology Platform
Forrester Market Overview: GRC Platforms
Five IT Priorities for 2011 from Baseline Magazine
FCC Investigating Google Data Collection
Brinqa Featured on NetworkWorld Products of the Week
PRESS RELEASE: Brinqa GRC Platform 3.0 Simplifies Governance, Risk and…
Brinqa GRC Platform 3.0 Simplifies Governance, Risk and Compliance for Large Commercial and Government Organizations
- Brinqa 3.0 Replaces Manual, Inefficient GRC Processes with a Reusable, Automated Platform to Improve Risk Posture, Increase Transparency, and Reduce the Costs of Compliance -
AUSTIN, TX – October 27, 2010 – Brinqa (www.brinqa.com), a leading independent software vendor in the governance, risk and compliance (GRC) market, today announced Brinqa GRC Platform 3.0, the newest version of its flagship product. Designed for large commercial and government organizations, Brinqa GRC Platform 3.0 provides capabilities for policy and compliance management, process governance, incident management, and threat and vulnerability management. In contrast to the traditionally manual, inefficient and costly processes that characterize risk and compliance, Brinqa establishes a centralized, integrated and re-usable platform for GRC programs, enabling customers to improve risk posture, minimize compliance costs, and address current risk issues while enabling automation for future GRC initiatives.
Brinqa GRC Platform 3.0 manages the complete lifecycle of policies, processes, and controls from a centralized repository within the enterprise. This ensures consistent mapping to regulations, industry mandates, frameworks, standards and best practices, as well as efficient communication, audit, and enforcement of policies. Further simplifying GRC initiatives, Brinqa intelligently maps business policies to the processes and controls that implement those policies. Low level measurements are gathered in near real-time with Brinqa’s agent-less connectors, and are translated into relevant business terms that can be used by executive management in making strategic business decisions. Brinqa GRC Platform manages policy approval processes, revisions, audit history, and global updates.
Key new features of the Brinqa 3.0 GRC Platform include:
- Event-based assessments, with multi-point distribution to support multiple respondents
- Hierarchical policies with the ability to overwrite parent policy sections. Policy review in natural language.
- Cloud security and data protection standards, controls and compliance reports
- Updated regulations, industry mandates, frameworks, standards
- Simplified administration of access controls through pre-configured access roles that limit access to what the user needs to do their job
“Enterprises must address their GRC requirements as a whole versus implementing disparate products that still mandate manual processes,” said Amad Fida, President, Brinqa. “Current GRC processes are not only time-consuming and error-prone, but they must also be repeated from scratch every time an update is required. Brinqa 3.0 establishes the re-usable services that underlie all GRC programs, which increases data and control quality while reducing costs. With Brinqa, customers can design the infrastructure once and know they are leveraging existing technology investments through supported integrations. Most importantly, any future business requirements for managing risk, privacy and business continuity will be supported since we enable re-usability across GRC programs.”
Brinqa GRC Platform is a Java-based application which runs in all standard java web containers on most major platforms. The high performance back-end repository leverages an RDBMS server for storing policies, processes, controls, assessments, incidents, and a complete audit trail of all GRC-related activities.
About Brinqa
Brinqa is the leading independent software vendor in developing comprehensive governance, risk and compliance (GRC) solutions that enable enterprise customers to minimize risk, meet stringent regulatory mandates, and increase the operational efficiency of their IT infrastructures. The company’s flagship GRC platform provides a solid foundation for out-of-the-box applications such as risk management, privacy management, vendor risk management, business continuity management, and IAM Governance. For more information, please visit www.brinqa.com.
Media Contact:Sandy MoulKCOMMTel: (760) 448-5822E-mail: sandy@kcomm.com
###
Facebook in Privacy Breach
Compliance issues feeding data breaches
Brinqa is exhibiting at the Sinet Showcase 2010, 10/26-10/27
‘Snippets’ of Patient Data Are Accidentally Posted
Brinqa Selected as a Leader in Privacy Management
PRESS RELEASE: Brinqa and CSC announce strategic reseller agreement
COMPUTER SCIENCES CANADA AND BRINQA ANNOUNCE STRATEGIC RESELLER AGREEMENT TO DELIVER RISK AND COMPLIANCE CYBERSECURITY SOLUTIONS TO CANADIAN GOVERNMENT MARKET
ONTARIO, Canada, and AUSTIN, Texas – July 28 – CSC (NYSE: CSC) and Brinqa today announced a strategic agreement to bring Brinqa’s risk and compliance software solutions to Canadian government customers of Computer Sciences Canada, Inc., a wholly owned subsidiary of CSC. CSC has exclusive rights to sell Brinqa’s Threat and Risk Assessment module for information technology (IT) systems.
The Canadian government mandates that its federal departments and agencies conduct threat and risk assessments of their IT systems in accordance with the Harmonized Threat and Risk Assessment methodology, a primarily manual process. There is a strong demand to standardize the platform for information system security risk management to drive efficiencies in the assessment process, increase standardization and quality, and obtain better insight into the department’s risk profile through the aggregation and analysis of risk information, which was previously not possible with paper-based reports.
“The Brinqa platform uniquely implements the Harmonized Threat and Risk Assessment methodology in an automated way, speeding time to deployment,” said Charlie Whelan, president, Computer Sciences Canada. “Combined with CSC’s service offerings, this solution will centralize and automate the way Government of Canada departments conduct risk, compliance and security assessments. We believe this will provide a new competitive advantage to our clients who want to operate confidently in cyberspace.”
“Our partnership with CSC will streamline the way organizations approach risk and compliance initiatives by establishing a centralized framework based on a customer’s needs,” said Hilda Perez, CEO, Brinqa. “A cookie-cutter approach does not work in this arena, so we customize our platform to meet customer-specific asset identification criteria and methodologies around risk assessments. We are very pleased to team with an IT leader like CSC that has significant expertise in developing risk management solutions across global industries.”
The Brinqa platform provides comprehensive reports and dashboards that increase customer visibility into current risk posture, enabling informed decisions on future IT investments. Products offered by CSC under this partnership will include the Brinqa GRC Platform, Brinqa Risk Manager, Brinqa Privacy Manager, Brinqa Vendor Risk Manager, Brinqa Business Continuity Manager and Brinqa IAM Governance. Organizations can choose either an enterprise deployment or hosted solution.
About Brinqa
Brinqa is the leading independent software vendor in developing comprehensive governance, risk and compliance (GRC) solutions that enable enterprise customers to minimize risk, meet stringent regulatory mandates, and increase the operational efficiency of their IT infrastructures. The company’s products include the Brinqa GRC Platform, Brinqa Risk Manager, Brinqa Privacy Manager, Brinqa Vendor Risk Manager, Brinqa Business Continuity Manager and Brinqa IAM Governance. For more information, please visit www.brinqa.com.
About CSC
CSC is a global leader in providing technology-enabled solutions and services through three primary lines of business. These include Business Solutions and Services, the Managed Services Sector and the North American Public Sector. CSC’s advanced capabilities include system design and integration, information technology and business process outsourcing, applications software development, Web and application hosting, mission support and management consulting. The company has been recognized as a leader in the industry, including being named by FORTUNE Magazine as one of the World’s Most Admired Companies for Information Technology Services (2010). Headquartered in Falls Church, Va., CSC has approximately 94,000 employees and reported revenue of $16.1 billion for the 12 months ended April 2, 2010. For more information, visit the company’s website at www.csc.com, and for more about CSC’s cybersecurity solutions go to www.csc.com/cybersecurity.
# # #
