Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management. Aegify plays in the security posture management (SPM) and IT-GRC space. Aegify disrupts the way businesses deal with security, compliance and risk management using an easy-to-use, cost-effective, SaaS solution. eGestalt delivers its solutions through a channel-based managed service provider community.
Aegify is extensible with built-in support for multiple regulation frameworks, such as PCI-DSS, HIPAA/HITECH, GLBA, SANS20 Critical Risk's, FISMA, SSAE 16, SOC 2, and SOX. There are roughly 800 regulation frameworks supported. Controls are harmonized across multiple regulations. The built-in risk profile database helps users automate risk management by leveraging best-practice inputs from such standards as NIST, ISO and OCTAVE. Using the user interface and workflow tools, Aegify's new risk management module helps define the asset-based risk factors and the relationships among those factors - those being threats, vulnerabilities, impacts, likelihood and predisposing condition.
A newer feature in this release is the SPM integration with Rapid 7 scanning technology. This provides automated asset discovery, vulnerability analysis and remediation tracking for both internal and external devices. Also new to this release are policy management and risk management capabilities. The auto detection and import of assets from the SPM is a useful feature, but we really liked the ability to use scan results to automatically update or answer survey questions, thus reducing the amount of actual manual input required from a survey. By automatic mapping of scan results to compliance assessments, audit reviews become much easier with auto-assess and auto-review features. Although the tool is sold as a cloud-based offering, users do have to download and run the SPM scanning tool locally. The software runs on a standard Microsoft platform and supports Windows 7 or Windows 2008 R2 Server depending on requirements.
The policy module comes complete with all the content and templates needed through the included unified compliance framework database.
The user interface is more of a web paging browsing experience. It was fairly easy to navigate through the sections. Once assets are discovered or manually entered, users work through the policy and assessment tools and are well on their way to producing risk reports. The reporting is all generated via templates. It is all customizable and the ability to "white label" or co-brand any of the reports is offered. There are some configurable dashboards, but for the most part, reporting was not visualization driven. The technology and logic in the risk module made it simple to classify threats and vulnerabilities to an asset type, add in all the risk controls and then calculate the risk score by asset. The work flow capabilities in this module made risk management easy.
Support is included in the license fee and includes 24/7 email- and phone-based aid Monday through Friday, 8 a.m. to 5 p.m. PDT. There is also an extensive network of channel partners providing tier 1 support. eGestalt partners have exclusive access to a partner portal that hosts an extensive knowledge base and technical collaterals.
# | Basic Subscription | Edition Type | Cost |
1 | Aegify Security and Compliance Management Bundle, Standard Edition - Includes Aegify SecureGRC Compliance Management, Aegify Security Posture Management for 20 Assets (Security Scanning) and Aegify Risk Manager | Small Business Edition | $2,499/year |
2 | Aegify Security and Compliance Management Bundle, Professional Edition - Includes Aegify SecureGRC Compliance Management, Aegify Security Posture Management for 50 Assets (Security Scanning) and Aegify Risk Manager | Small and Medium Business Edition | $5,499/year |
3 | Aegify Security and Compliance Management Bundle, Ultimate Edition - Includes Aegify SecureGRC Compliance Management, Aegify Security Posture Management for 50 Assets (Security Scanning) and Aegify Risk Manager | Medium and Large Business Edition | $11,999/year |