Allgress Insight and Risk Manager v5
June 02, 2014
The product is available as SaaS or on-premise; a small annual subscription is £5,940, while a medium enterprise subscription is £23,760.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Ease of use, some nice visualisation tools, UI is strong.
- Weaknesses: None noted.
- Verdict: Takes a lot of the complexity out of risk management. This is a very complete tool.
The Allgress Insight Risk Management Suite is built on an integrated modular architecture and includes assessment, vulnerability analysis, risk analysis, policy management and incident management modules. Functionality includes a common centralised database that supports the ability to consistently manage the entire IT risk management process and the ability to integrate with existing solutions.
Allgress helps IT and non-technical-oriented leadership understand their vulnerability risk posture in a language they understand so they can prioritise IT resource investments to meet business objectives. Customers import the information they already have, which is usually vulnerability and configuration data, and extract business value easily understood by non-IT audiences. This allows them to allocate resources to reduce business risk, comply with regulations and eradicate security exposures. One of the new features to this release is an updated workflow set of tools. The automation that is built in allows users to reduce the time it typically takes to get through the remediation process, reducing the risk associated with those gaps.
The vulnerability analysis module offers a great way to manage work. Users can easily manage and prioritise tickets, and have a clean search tool that allows them to quickly pull in subsets of information and then drill down to the detailed vulnerability or asset data right from the search results. The policy module was complete. It comes fully populated with content as the unified compliance framework (UCF) content library is included with the software.
Allgress provides full policy-lifecycle management along with version control. One great feature we particularly liked enables users to quickly map policy requirements back to the compliance/regulatory requirements. The incident module provided an interface to manage workflows. Vendor risk management is also available through templated assessments and tools for managing the workflow, including notification, assignment and alerting functions. The risk module had strong visualisation tools, and includes a powerful modelling tool that made it very easy to visualise historic information and risk over time. The reporting was very good and included thing like heat maps.
The risk engine is based on the NIST 800-53 framework. On top of all of these is an easy-to-use user interface based mostly on a graphical driven model. The visual user interface reduces the complexity of the entire GRC management lifecycle by providing automation, ease of use and representation of information. The user interface and visualisation tools throughout all modules are a differentiator.
Allgress is delivered as either an on-premise or SaaS solution. The on-premise offering requires Windows Server 2008 R2(x64) and SQL Server 2008R2(x64). We were told that typical implementations take about 30 minutes to get the software installed and about two weeks to get through integration and configuration.
A first year of maintenance as well as eight-hours-a-day/five-days-a-week phone and email support is included with the license purchase. Extended 24/7 support is available at 30 percent of list price. Maintenance includes all updates including major releases.
Prices are US-based, thus indicative only.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry