Allgress is differentiated in the market by its quick time-to-value, reduced complexity and cost of implementation by automating one or more IT risk, compliance and security functions for organizations and their partners

“We provide operational efficiency and informed decision making by allowing users to continuously assess and manage industry and government regulations, best practices and partner requirements on-premise or in the cloud to reduce business risk faster with less complexity.”

In today’s changing environment of more cyber security risks, continuously changing regulations, increasing use of IOT and cloud computing has put pressure on the organization of all sizes to more effectively manage risk from within and their partners. 

A risk management framework can bring visibility to key business risks and enable a company to make decisions on where to prioritize its limited budget and resources. It is through a risk management framework that real value to the business can be achieved. Since 2008, Allgress has had a mission to help security and risk professionals solve the problem of how to automate the assessment, communication, and analysis to better prioritize and remediate corporate risk. The Allgress team provides CISOs and their business counterparts with the ability to make effective investment decisions that align risk, security and compliance programs with top business priorities, communicate the value of those decisions to senior executives, and manage risk, fines, and brand damage.

Allgress goes beyond traditional risk management solutions

The Allgress Insight Risk Management solution goes beyond traditional IT governance, risk and compliance (IT GRC) management by providing assessment as well as continuous monitoring in a single solution on-premise and in the cloud. It provides security and risk professionals with a notification when a parameter falls outside the acceptable range with the supporting information they need to effectively manage organization-wide security, compliance, and risk. With Allgress, you can converge disparate enterprise risk silos to gain an immediate, intuitive and unified view of your organizations’ information security and compliance risk posture. The patented Allgress Business Risk Intelligence Engine integrates the Allgress product modules and provides common services like integrated assessment, workflow, analysis, and reporting. Highly visual and intuitive risk scoreboards, heat maps and compliance reports provide best-in-class graphics that automatically translate that data into the language of business. With Allgress, you have an operationally efficient solution that allows you to meet the demands of policy management, security and risk management, regulatory compliance, vulnerability management, incident management and 3rd Party vendor management. Recently, Allgress introduced the GetCompliant Portal for organizations that don’t need the extended functionality provided by our comprehensive Insight Risk Management platform.

Rationale behind “The Allgress GetCompliant Portal”

Allgress recently extended their product solutions with the addition of The Allgress GetCompliant Portal for customers that only have requirements for a streamlined GRC solution to manage their cloud compliance and don’t need the extended functionality provided by our comprehensive Insight Risk Management platform.GetCompliant is initially focused on tight integration with Amazon Web Services (AWS) today but will be expanded to other environments in the future. The portal is completely SaaS based eliminating the need for internal IT requirements and support. The solution can be run from device with a web browser making it platform independent.

Customers can add-on the Continuous Compliance Monitoring (CCM) module for continuous monitoring of changes within the AWS customer environment, dashboards and advanced reporting. CCM can send a notification upon the detection of a change so personnel can take appropriate action if necessary or invoke automated actions like reporting or incident management.

Panorama of Solutions Offered

Policy & Procedures Management: Provides full life-cycle management including policy definition, collaborative authoring & approval flows, exception management, policy attestation and tracking.

Vulnerability Analysis: The Allgress Vulnerability Analysis Module provides an efficient approach to collect, analyze and reporting to prioritize and remediating information security vulnerabilities based on the business impact.

Compliance Assessment and Management: Assess risks against industry standards and regulatory requirements, provide gap analysis, risk treatment and reporting while also minimizing the costs and risks of non- compliance.

Risk Management: Track strategic risks, assign ownership across the enterprise, quickly and easily communicate risk posture through dashboards, and provide continuous monitoring and improvement of risk posture of the organization

Incident Response: Track and respond to risks impacting company’s critical infrastructure.

3rd Party Vendor Management: Establish due diligence and ongoing monitoring of third party’s activities and performance.

Allgress’ Unique Benefits

Quick Time-to-value: Critical in identifying risks in days instead of weeks, months or longer

Integrated Flexible Platform: Allow organizations the GRC functions they need and support the maturity of their risk management program today while allowing them to grow the scope in the future

Visually Intuitive: Communicates visually in terms of the business is essential so executives, management, and technical audiences can understand their posture to prioritize potential risks and budget accordingly. Support for all environments: Support on-premise, cloud or hybrid environment to meet their business requirements

Integration with existing investments: Tightly integrates with numerous security scanners, application scanners, DLP applications, Identity and Access platforms, security event management systems, etc. to reduce the need for manual assessments

Partnerships with the industry’s most recognized and respected companies: Technology and integration partners allow customers to continue to use Allgress with their current solution providers like AWS, hosting.com, etc.

Gordon Shevlin, Founder, and CEO: Gordon Shevlin is the CEO of Allgress Inc, an IT-GRC company, and one of several security companies he has co-founded over a career spanning more than 25 years. Prior to Allgress, Gordon co-founded SiegeWorks and SiegeWorks International, a digital defense services firm. There he grew the company, built a strong international presence, and managed its successful acquisition by FishNet Security, the nation’s leading provider of information security solutions.

With his breadth of knowledge in information security, Gordon has been invited to serve on the advisory boards of 12 leading information security companies. In addition to being a serial entrepreneur, Gordon has been dedicated to enhancing the knowledge and skills of information security professionals through his volunteer work with ISSA. Among his many roles, Gordon has been President and Vice President of the ISSA Silicon Valley Chapter, CFO of ISSA International. Gordon is a graduate from the University of Michigan.

Jeff Bennett, Founder, President and COO: Jeff Bennett brings more than two decades of: business leadership, product development, and IT security and compliance industry experience to the company. A serial entrepreneur, he has founded and led several companies, including digital defense services firms SiegeWorks and SiegeWorks International. In 2006, FishNet Security, the nation’s leading provider of information security solutions that combine technology, services, support and training, acquired SiegeWorks. Following the acquisition, Bennett served as executive vice president of services at FishNet. He has served on the advisory boards of other leading security providers. Bennett holds a Bachelor of Science Degree in Business Administration from California State University at Hayward.

“We specialize in IT Governance, Risk and Compliance solutions for organizations of any size in any industry,”