Silicon 70 2018

An Interview with Gordon Shevlin, Allgress Co-Founder and CEO: “We specialize in helping Organizations in any Industry reduce their business risk by automating the management of Governance, Risk, and Compliance”


When entrepreneurs start a business, most of their attention is on the benefits the business promises like helping customers solve pervasive challenges, creating an innovative work environment and generating profit. But it’s also essential to protect a business against the ‘what-ifs,’ or in other words, manage the risk that an organization or their partners may encounter.

All companies are exposed to risk, which is the probability or threat of damage, injury, liability, loss or any other adverse occurrence that many times can be avoided through training or preemptive action.

Allgress helps enterprise executives, business stakeholders, and risk professionals automate the process of how to assess, understand and manage corporate risk.

Allgress is a global provider of automated next-generation integrated cloud and on-premise IT Security, Compliance and Risk Management Solutions for organizations and their business partners to meet business objectives with less risk. Allgress solutions enable organizations to automate processes for assessment, reporting, monitoring, and remediation of business risks with less complexity and reduced management costs. Unlike other similar solutions, Allgress’ patented award-winning technology allows customers to derive quicker-time-to-value without an army of consultants.

The company is committed to providing peace of mind with the ability to make effective investment decisions that align risk and compliance programs with top business priorities, communicate the value of those decisions to senior executives, and manage risk, fines, and brand damage.

Allgress was established in 2008 and is headquartered in Livermore, California.

Gordon Shevlin, Allgress Co-Founder/CEO, spoke exclusively to The Silicon Review. Below is an excerpt.

Going beyond by Delivering Risk Management Solutions that provide Quick-Time-To-Value

Allgress delivers integrated risk management solutions that facilitate identifying and mitigating business risk quicker with less complexity.

The Silicon Review Magazine Guide recognition of Allgress further validates our Risk, Compliance, IT Security and third-party vendor management solutions as best-in-class and leading the industry providing automated streamlined rapid business risk management. This honor is the highest endorsement of the fact that Allgress continues to focus on delivering integrated risk management solutions that facilitate identifying and mitigating business risk quicker with less complexity.

Allgress is increasing the confidence how companies of all sizes across different industries reduce business risk by empowering organizational and third-party stakeholders and management teams to identify their risk posture compared to business opportunities quickly.

Enabling Business to Reduce Risk with Less Complexity

Ease of use is one of the most obvious – the ability to craft just the right risk and compliance management system that you need and build out a full platform to meet your specific use-cases over time starting with a minimal deployment is a strength. That with the ability to leverage the data feeds from solutions you already have in place to limit your investment in new technology. Allgress provides a visual representation of your risk posture, compliance status and state of third-party vendors that is easily interpreted by different audiences. Since the entire platform uses the same GUI no matter what function you utilize no staff retraining is required, saving time and promoting quick time-to-value.

The Allgress Insight Risk Management platform provides continuous assessment, as well as a complete risk and compliance management solution that can be deployed on-premise or in the cloud. It provides stakeholders and risk professionals with a notification when a parameter falls outside the acceptable range with the supporting information they need to effectively manage organization-wide security, compliance, and risk. With Allgress, you can converge disparate enterprise risk silos to gain an immediate, intuitive and a unified view of your Organization’s business risk posture.

Innovation: Building on Proven Solutions

Allgress was the first solution provider to introduce a streamlined continuous monitoring solution to reduce the complexity, increase the speed, and shorten the timeframe of achieving compliance, adhering to regulations and best practices in the AWS environment with the RPM (Regulatory Product Mapping) solution.

Allgress recently introduced ComplianceVision that extends the Allgress Regulatory Product Mapping (RPM) tool to further automate and streamline the entire assessment process with minimal human intervention. ComplianceVision can be further expanded with the Allgress Insight Risk Management (IRMS) Suite to address complete risk management functions like comprehensive policy, incident, exception, third-party vendor management risk analysis and advanced reporting.

Allgress: Providing Comprehensive Solutions that Grow with the Business

Risk Analysis and Management: Identity, assess, measure multi-level quantitative and qualitative risks and identify key risk information, treat, manage, monitor, and report on enterprise and IT risks to objectives, business entities, assets, and projects.

IT Security Orchestration and Response: Prioritize and remediate information security vulnerabilities based on the business impact of the asset.

Regulatory Corporate Compliance and Oversight: Assess controls and manage to demonstrate overall compliance program, document and manage change to obligations, compliance, remediate non-compliance, and report.

Audit Management: Automate and Manage internal audit operations and documentation. Exception Management to define, track and manage the acceptance of risk exceptions.

Vendor Risk Management: Manage, govern and monitor 3rd party relationships, particularly risk, compliance and IT security challenges these relationships bring to the business.

Policy Management: Centrally manage the full policy life-cycle including definition, approvals, exception management, tracking, development, approval, distribution, and communication.

Incident Management: Manage the entire lifecycle of risk, compliance, IT security and 3rd-party incidents and investigations.

Allgress: A Brief Background

Gordon Shevlin, CEO, and Co-Founder and Jeff Bennett, President, COO and Co-Founder, both have a relentless drive to help customers reduce the complexity of identifying and mitigating business risk in less time with reduced complexity. They continuously interact with customers and partners to discuss risk management challenges and innovative ways of expanding the Allgress solutions. True to their passion, their efforts of keeping pace with the rapid change have leveraged the platform to its highest level.

Gordon Shevlin: CEO, Co-Founder

Gordon Shevlin has a career spanning more than 25 years. Prior to Allgress, Gordon co-founded SiegeWorks and SiegeWorks International, a digital defense services firm. With his breadth of knowledge in information security, Gordon has been invited to serve on the advisory boards of 12 leading information security companies. In addition to being a serial entrepreneur, he has been dedicated to enhancing the knowledge and skills of information security professionals through his volunteer work with ISSA. Among his many roles, Gordon has been President and Vice President of the ISSA Silicon Valley Chapter, CFO of ISSA International, and has held board positions for three consecutive terms.

Gordon is a graduate of the University of Michigan.

For additional information, please visit us at

“By Streamlining Business Risk Management, Allgress reduces the Complexity and Cost of Risk Management.”