ESP 3.0 combines key capabilities essential for effective security policy and risk management, giving enterprises a single, seamless solution to satisfy compliance requirements and gain a risk-adjusted view of their network environment.
“Attackers are nimble, motivated adversaries and their never-ending intrusions into corporate networks leave CIOs constantly scrambling to plug the breaches in the dikes. But the point solutions offered to date have proven ineffective to achieve consistent and measurable security levels. We developed ESP to integrate the breadth of capabilities required to effectively implement a full range of security policies across enterprise networks,” said Dan Farmer, Chief Technology Officer at Elemental.
ESP 3.0 provides organizations with a framework that helps them meet their compliance, risk and security objectives in dynamic, real-world environments.
“In the security marketplace there are many providers of point products, but very few comprehensive security solutions to help businesses meet their broad-based security objectives, as well as their business objectives,” said Brian Guild, Senior Research Analyst, Aberdeen Group.
ESP 3.0 Introduces Security Risk Management Capability
ESP 3.0 is the second major upgrade to the Elemental security framework and includes key features to help organizations to meet their compliance objectives and to provide always-on and policy-based network access controls. This version introduces an innovative approach to information technology security risk management by leveraging ESP’s extensive transparency into the enterprise activity, security posture, and compliance of computing assets to programmatically assess risk and value within networks.
“For the past year, Elemental has helped GlobeImmune meet our security requirements while also streamlining processes to help us achieve measurable business results,” stated Mark Lund, Director of IT, GlobeImmune. “With only one product – not multiple products – GlobeImmune gains an integrated, risk-adjusted view of our network, and our security and management policies work hand in hand. With ESP 3.0, we expect to be able to further align governance, compliance, and risk management activities to drive even more business performance and return on investment.”
ESP 3.0 provides an in-depth understanding of systems that includes key factors such as hardware and software inventory, security configuration status, networking activity, and the roles of systems and users. Through this unified policy framework, organizations can assess the value and associated loss potential, i.e. the risk, of systems in a manner that reflects the context and interest of their business environment. Further, security and compliance managers can evaluate the effectiveness of their security infrastructure through a set of metrics that are continuously updated and closely aligned with the goals and interests of their business.
“Once an organization can identify sources of risk in their network environment, they are then able to strategically plan and prioritize security and compliance operations. ESP 3.0 delivers a level of security intelligence that empowers organizations to make informed decisions about how to apply limited resources and budget in a way that will both improve security compliance while also providing meaningful reduction in the risks resident within the network environment. With a risk-adjusted view of the network, companies are better able to drive strategic decisions and management of the organization towards measurable business results,” said Farmer.
Improved Reporting and Executive Level Dashboards
With new graphical summaries that provide quick reference for compliance and risk status, ESP 3.0 helps companies identify at-a-glance high-value and high-risk machines, track and value those machines over time, and expose factors causing risk. A suite of executive level dashboards provide high level overviews of compliance, risk, and value, along with detailed operational policy management summaries. Actionable reporting helps companies bridge the operational divide between security, compliance, and IT administration.
About Elemental Security, Inc.
Elemental is an industry leader in enterprise policy and risk management. Using its award-winning Elemental Security Platform (ESP), organizations can directly translate their business objectives into specific policies for all users and systems on their networks. For the first time, enterprises can use a single product to obtain measurable and comprehensive metrics for their security policy needs and compliance requirements. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and Lehman Brothers Venture Partners. Red Herring and AlwaysOn have awarded the company their annual awards for the top private companies. Elemental was also named the “Most Innovative” company at the RSA Conference 2006, and earned 2006 “Private Security/Start-up to Watch” honors from Red Herring and Network World. The company is headquartered in San Mateo, Calif., and has offices throughout the U.S.