Allgress: Bringing Business Insight to Risk, Security, and Compliance Management

Livermore, CA
The Allgress Insight Risk Management Suite (IRMS) enables enterprise risk, security, and compliance professionals the ability to efficiently manage their compliance and security mandates. By utilizing advanced visualization, automation, streamlined workflows, and the integration of existing data feeds, Allgress reduces the complexity and cost of risk management. The IRMS provides business stakeholders with the ability to make informed and effective investment decisions that align with top business priorities, by applying business context to security and compliance management.

Allgress combines both enterprise risk and IT risk into a single modular platform. The IRMS is built on an integrated modular architecture that includes risk analysis, security and compliance assessment, vulnerability analysis, vendor management, incident response, and policy and procedures management.

The platform includes a repository of data aggregated from an organization’s existing security tools, such as network vulnerability, application, and DLP scanners. By centralizing the intelligence gleaned from multiple products, organizations are able to preserve investments in their existing security technology infrastructure. By leveraging this data with Allgress selfassessments, what-if analysis, workflow and scenario modeling, users are given context around their risks.

The IRMS presents metrics and reports in a variety of levels and formats, geared toward different stakeholders. Reporting is not limited to current risks, but also includes trending techniques and business modeling to provide a complete picture of past, present, and pending business threats. Allgress helps IT and non-technical-oriented leadership realize their risk posture in a language they understand, so they can prioritize IT resource investments to meet business objectives.

Our aim is to reduce IT risks with streamlined end-to-end management of IT security and regulations

In a recent use case, a major State Agency required alignment of all IT operations with the security standards detailed in the NIST Special Publication 800-53. In order to meet these requirements, the agency utilized the Allgress Security and Compliance Assessment module to perform internal security assessments using the NIST SP800-53 framework, with additional internal standards and best practices, to rapidly determine their risk posture. With the Allgress Assessment Module, this government agency was able to automate continuous monitoring of all their Security Controls, eliminating the need for pain staking and time consuming manual processes. The agency also used the Allgress Policy and Procedures Module to map their internal security policies to the controls of the States Administration Manual, enabling better operational efficiencies, reduced operating costs and provide evidence for their external auditors.

As a centralized database with builtin integration of popular commercial remediation solutions, Allgress connects strategic risk management with IT operations, allowing for seamless oversight of the entire risk, security, and compliance life cycle. “Our aim is to reduce IT risks with streamlined end-to-end management of IT security and regulations. We meet unique requirements without an army of consultants, to get quick time to value,” explains Gordon Shevlin, Allgress Founder and CEO.


Livermore, CA

Enabling enterprise risk, security, and compliance professionals the ability to efficiently manage their risk posture, reduces the complexity and cost of risk management