IT Risk Management

A unified solution for assessment, monitoring and reporting of IT Risk

Brinqa ITRM leverages powerful and dynamic risk modeling, optimized contextual data collection, state-of-the-art risk and control framework, comprehensive governance and lifecycle management, advanced graph analytics and detailed risk reporting to deliver a complete framework for assessment, monitoring, reporting and treatment of technology risk.

Exhaustive Asset Risk Repository
It is crucial to maintain a single repository of all assets for which risk needs to be evaluated and monitored. Brinqa ITRM addresses this challenge by providing a dynamic inventory template representing most assets typically required to be monitored by an ITRM program. Built on the Brinqa Risk Analytics Platform, the advanced data modeling capabilities make it very easy for risk professionals to grow the asset inventory as required by managing different asset types.
Automated Risk Assessment Campaigns
The assessment framework supports intelligent assessments that evolve with changing scope and state of analysis to reduce responder fatigue and ensure the highest quality of manual data collection possible. Assessments make extensive use of Brinqa Risk and Control Framework to go beyond static data collection and provide powerful control evaluation and gap identification.
Issue Identification & Remediation
Brinqa ITRM enables automatic issue creation and consolidation based on rules as well as manual issue creation on an ad hoc basis. Brinqa Risk Matrices enable predictive remediation planning by simulating remediation of selected issues and analyzing the corresponding quantitative risk impact. The integrated Brinqa Risk and Control Framework provides clear guidelines to security professionals about the actions that may be taken to remediate a problem.
Continuous Monitoring
Evaluate and monitor security continuously by extracting relevant security data from different tools and parts of the IT infrastructure, transforming it into a common risk language and interpreting it according to the needs and priorities of business. Brinqa ITRM simplifies this crucial step through centralized connector management, providing a single interface in which to configure the extraction, normalization and contextualization of security data, utilizing more than a 100 purpose-built, out-of-the- box connectors available for a wide variety of security tools.
Risk and Compliance Reporting
Brinqa ITRM solution comes with a wide variety of technology and business hierarchy based reports targeted for a diverse audience ranging from C-level executives to engineering managers. Line-of- business and other organizational or reporting hierarchy based reports provide a clear view into which parts of the organization are most at risk. Technology oriented reports highlight the most critical and exploited threats and guide security teams towards remediation plans that deliver the most benefit to the organization.
Learn More

Demo

watch >

Demo Watch a detailed product demonstration of the Brinqa Vulnerability Risk Service

Case Study

read >

Fortune 500 healthcare firm implements cohesive application risk management strategy

Report

read >

451 Business Impact Brief : Knowledge-driven, risk-centric vulnerability management

Interested in Trying it Out?

Experience the power of Brinqa Risk Platform with a free trial - discover unparalleled risk visibility and improved security posture within minutes.

Apple users should immediately update all their devices – iPhones, iPads, Macs and Apple Watches – to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware.

Google has addressed two zero-day security bugs that are being actively exploited in the wild. The two zero days are tracked as CVE-2021-30632 and CVE-2021-30633.

Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity.

In the last half of 2020, 449 vulnerabilities were disclosed. During the first half of 2021, more than 600 ICS vulnerabilities were disclosed, impacting 76 vendors.

Apple patched a zero-day flaw on Monday, found in both its iOS and macOS platforms that’s being actively exploited in the wild and can allow attackers to take over an affected system.

Brinqa today announced that the current CEO of Tricentis & former CEO of SolarWinds, Kevin Thompson, has been appointed as Executive Chairman of the Board. The company also announced it has named former HP executive Brian Moriarty as new CFO.

Microsoft has released an emergency patch for the PrintNightmare, a set of two critical remote code-execution (RCE) vulnerabilities in the Windows Print Spooler service that hackers can use to take over an infected system.

Multiple critical vulnerabilities in Philips Clinical Collaboration Platform Portal could enable an attacker to take control over an affected system, according to a recent Department of Homeland Security Cybersecurity and Infrastructure Agency alert.

The latest zero-day entails an attack chain that allows an unauthenticated intruder to execute code as root and install a permanent backdoor on the vendor’s network-attached storage (NAS) devices.

Apple users should immediately update all their devices – iPhones, iPads, Macs and Apple Watches – to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware.

Google has addressed two zero-day security bugs that are being actively exploited in the wild. The two zero days are tracked as CVE-2021-30632 and CVE-2021-30633.

Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity.

In the last half of 2020, 449 vulnerabilities were disclosed. During the first half of 2021, more than 600 ICS vulnerabilities were disclosed, impacting 76 vendors.

Apple patched a zero-day flaw on Monday, found in both its iOS and macOS platforms that’s being actively exploited in the wild and can allow attackers to take over an affected system.

Brinqa today announced that the current CEO of Tricentis & former CEO of SolarWinds, Kevin Thompson, has been appointed as Executive Chairman of the Board. The company also announced it has named former HP executive Brian Moriarty as new CFO.

Microsoft has released an emergency patch for the PrintNightmare, a set of two critical remote code-execution (RCE) vulnerabilities in the Windows Print Spooler service that hackers can use to take over an infected system.

Multiple critical vulnerabilities in Philips Clinical Collaboration Platform Portal could enable an attacker to take control over an affected system, according to a recent Department of Homeland Security Cybersecurity and Infrastructure Agency alert.

The latest zero-day entails an attack chain that allows an unauthenticated intruder to execute code as root and install a permanent backdoor on the vendor’s network-attached storage (NAS) devices.