WCK announced today that its innovative GRC software (Governance, Risk and Compliance software) is now integrated with SIEM (Security Information and Event Management) systems. The first such integration between WCK-GRC and McAfee’s ESM SIEM software has been certified by McAfee this month.
Enterprise Security Intelligence (ESI) is an emerging concept whose ultimate aim is to provide users with better insights so they can improve their security posture. ESI espouses an integrated approach that correlates multiple sources of security ‘big-data’ including events from SIEM systems, vulnerabilities from automated scanners and findings from human reviews and penetration tests.
The new WCK GRC-SIEM integration enhances Enterprise Security Intelligence by providing organizations with a single and more complete risk and compliance posture based on correlating risk data from the WCK-GRC system with event data generated by the SIEM software.
Using WCK’s unique asset-based approach to GRC, integration to SIEM is simple and rapid. Instead of performing tedious mapping between events to risks and controls, events are easily correlated around assets.
“Today, a Chief Information Security Officer reviews each vendor’s results separately, which result in a disjointed view of the overall security and compliance posture. This is a major challenge for the CISO,” said Eyal Adar, WCK’s founder and CEO. “WCK’s new integration between GRC risk findings with SIEM event data provides executives with business risk-decision intelligence which allows them to improve their decision-making and enhance their enterprise-wide security and business results.”
An additional advantage users can enjoy from the WCK GRC-SIEM integration is WCK’s built-in mitigation ticketing and remediation workflows for mitigating critical events discovered by SIEM systems. The remediation workflows are prioritized automatically based on their business criticality which helps the organization focus on those events that can most affect the business of the organization. The integration creates actionable insights to improve security, assess risk and prevent threats.
WCK develops and markets bSRM, a business-driven, risk management and compliance software solution for IT, cyber security and critical infrastructure protection. For more information visit www.wck-grc.com.