Allgress Insight Risk Manager
Strengths: Lots of deployment options, solid policy engine and good third-party integration.
Weaknesses: Website needs to improve support features. We were told that the site contained a FAQ and knowledge base, but we were unable to find them.
Verdict: Well worth looking at for those with a need for a complete risk management tool.
This is a strongly IT-focused compliance and risk management tool. It is available for the cloud, non-cloud and both. It can be on-premises or hosted. There is a heavy emphasis on visualisation. Different visualisations are provided for executives and engineers. The architecture is based on their modular risk intelligence engine. The tool includes complete lifecycle management. Available modules support policy management, security and compliance management, vendor management, incident management, vulnerability management and assessment and risk analysis. If you don't want to use the incident management module for ticketing you can integrate with remedy.
The product sports a much improved web portal. There is a greatly enhanced risk register. The tool now uses OCTAVE and 800-53 for risk management standards. Unlike similar tools, Insight Risk Manager does not pull threat intelligence from outside. Instead it uses the tools the customer is using. An exception is that it uses the Amazon Web Services API to pull information. There is a direct integration with the AWS tools. Allgress has a strong connection with AWS.
We found reporting to be very good. We liked that as strong reporting is critical in regulatory compliance. We especially liked that the tool formats reports the way the compliance auditors want to see them.
Workflows are intuitive and the tool can implement automated ticketing triggered on finding vulnerabilities based on your pre-configured parameters. Automated closed loop remediation is part of the process. We greatly prefer a closed loop system such as this one that detects, remediates and retests. When a vulnerability reappears after remediation, a new ticket opens automatically. You can set up ticketing rules that apply to individual systems or you can create ticketing rule containers.
Allgress provides over 1,000 different policies in the provided library and you can update, change and write your own policies. The entire process is mapped to the lifecycle maturity model. The risk register uses OCTAVE and NIST as the basis for defining risks. However, you can use the existing supplied risk items or you can create your own. The tool does what-if analysis to see what changes would impact risk and how.
Reporting is quite complete. You can create custom reports and dashboards, and reports can be emailed automatically to management, support or other groups within the organisation. In terms of reporting and risk data collection, not only can you create your own reports, you can create surveys, policies, standards, etc.
You can import results from one assessment into another so you don't need to gather the same data multiple times for several different assessments. In terms of mappings between policies, standards, regulations and the like, you can create your own mappings or you can use theirs. The tool integrates with third-party products such as SIEMs and vulnerability management products.
Generally speaking, risk analysis is easy to perform and is well-automated. Risk analysis is based on the NIST 800-series requirements. However, we found that the website, while strong in marketing and sales information, is light on support options. In fact, the only thing we found on the website that led to support was a phone number marked "Help is on the way." Support is available at no cost if you choose the cloud-hosted (SaaS) option, but otherwise there is an upcharge of up to 30 percent.
Documentation depends on which configuration you select. Obviously, SaaS tends to require less documentation since configuration, for example, is less daunting. Given the wide range of pricing available for a wide range of sizes and configurations supported, we see this as being a pretty good value. How good a value it is for your organisation specifically will depend on such things as size of the deployment and which deployment options you select (cloud, on-premises, etc.).