September 10, 2012 | Palo Alto, California: One of the world’s largest Internet and social networking companies  has selected  MetricStream IT-GRC Solution to secure its IT infrastructure by supporting an integrated program for IT and vendor risk management, compliance management, and policy management. MetricStream will help the company manage risk and control assessment workflows, automate technical control testing, enable vendor security assessments, manage compliance requirements, and collect and distribute security risk metrics.

The company’s large scale IT infrastructure comprising thousands of servers faces the challenge of constant cyber threats. The company needed a technology solution to aggregate data from different security tools used for security audits, vulnerability management, log management, and other areas. The company also wanted to automate end-to-end information security risk and compliance workflows. Another key driver for this initiative was the need to create an overarching management and reporting function that would unify and add a business context to threat and vulnerability data. This, in turn, would help the company implement a mature, risk-oriented security program.

Recent security breaches faced by various corporations have demonstrated that cyber threats are becoming increasingly sophisticated, and are outpacing traditional IT security measures. New attack vectors are being discovered nearly every day. Simultaneously, organizational boundaries are blurring with the growing use of cloud-based applications, mobile devices, and other technologies, which broaden the attack surface and make IT risk management difficult. Cyber attacks are no longer limited to the organizational perimeter, but can extend deep within, through sophisticated attack vectors and social engineering.

Internet-based companies need to be particularly proactive in managing information security and other IT risks in order to build a safe and well-protected platform that users can trust. Many have begun adopting measures to effectively manage cyber threats related to the cloud, social media, hacktivists, mobile devices, and other IT areas.

MetricStream IT-GRC Solution works on top of various security tools and products. It integrates inputs from control automation and monitoring tools, such as vulnerability assessment, configuration assessment, identity and access management, and Security and Information Event Management (SIEM) tools. It then leverages this information to provide actionable “top-down” risk intelligence. This, along with the ability to manage risks related to regulatory compliance requirements and policies, makes MetricStream a one stop solution for managing enterprise and IT risks.

About MetricStream

MetricStream, the independent market leader in enterprise and cloud applications for Governance, Risk, Compliance (GRC) and Quality Management, makes GRC simple. MetricStream apps improve business performance by strengthening risk management, corporate governance, regulatory compliance, vendor governance, and quality management for hundreds of thousands of users in dozens of industries, including Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing. MetricStream is headquartered in Palo Alto, California, with an operations and R&D center in Bangalore, India, and sales and operations support in 12 other cities globally. (www.metricstream.com).

Press contacts

Molly Palm : pr@metricstream.com | (925) 451-1468

Download the online press kit

Request a demo Download RFP Template Pricing Contact