Allgress Insight and Risk Manager v4.1
June 03, 2013
A typical, small- subscription deployment does not exceed $10,000. A larger organization perpetual license starts at $25,000.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Ease of use, price performance, and some lucid visualization tools.
- Weaknesses: None evident.
- Verdict: Takes a lot of the complexity out of risk management. A lot of value for the money.
Allgress Business Risk Intelligence helps companies quickly and automatically aggregate data from security and compliance assessments and technical inputs, and turn this into meaningful, actionable, risk-specific intelligence that can be aligned with the goals of the business. With Allgress, one can identify risk areas that are underexposed, and reorder security priorities to better align with the current business environment. Allgress helps admins assess risk or compliance within their organization by determining how closely it adheres to a particular standard.
The solution is sold as on-premise software running on the Microsoft platform, Windows Server 2008 R2 (x64) and SQL Server 2008R2 (x64). We were told that typical implementations take about two weeks. There is also a hosted, cloud-based model. Licensing is either perpetual or subscription based on the model deployed. Pricing is based on the size of the organization and the number of modules purchased.
Allgress is a risk platform that includes modules supporting assessments, vulnerability analysis, policy management, mitigation and incident management. It has a well laid-out user interface with tabs across the top for each function. Users are usually no more that three clicks away from any of the information desired. The tool is preconfigured with a number of popular standards, and uses the Unified Compliance Framework (UCF) content library. The policy functionality is easy to use. The library can be hosted in the cloud or locally within an on-premise solution. Assets come in from the user's vulnerability data and are manually entered or imported.
The visualization capabilities are impressive. From the risk heat maps to the slick, wheel-based vulnerability graphs, data is presented in a usable and meaningful way. Trending techniques and business modeling offer a clear balance between past, present and pending threats to the business. One also has a beneficial "what if" analysis tool to model changes or mitigations prior to investing or deploying.
Allgress is a flexible platform that can grow with the organization's maturity level in managing risk, compliance and security. It can provide an efficient balance of timely, understandable results at a justifiable pricepoint without the added complexity of an overabundance of functions. This could be a pro and con depending on one's needs. There are more sophisticated tools on the market with more bells and whistles. The value of Allgress is to help both IT staff and non-technical-oriented leadership understand their vulnerability risk posture by employing a language they can understand. This is intended to prioritize IT resource investments to meet business objectives.
Standard eight-hours-a-day/five-days-a-week support is included with either the hosted or purchased licenses. Extended 24/7 support is available at 30 percent of the list price.
Allgress delivers a solution that can be deployed quickly so as to immediately deliver value through visualization for all technical and business groups. - ML
Sign up to our newsletters
SC Magazine Articles
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Report: $19M breach settlement between MasterCard, Target terminated
- Logjam attack exposes data passed over TLS connections
- Google releases Chrome 43, addresses 37 bugs
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Android ransomware distributed to English speakers in spam campaign
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- Study: Average cost of data breach is $6.5M
- Data acquired from non-IRS sources enabled access to 100K taxpayer accounts
- Ransomware threat 'Locker' has sleeper component
- Beacon Health System notifies patients of possible data compromise
- Data security in the 21st century: Essentials of solid protection