eGestalt Technologies is a proven, cloud-based continuous security monitoring and compliance management solution for Small and Medium Business (SMB). In June 2012, SC magazine gave our product, SecureGRC, a rating of 4.5 stars out of a maximum 5, with 5 stars for Features, Support and Value for money.
2. Market Opportunity
The recent changes in the IT compliance and security monitoring landscape makes it mandatory for 5.6+ Million businesses to become secure and compliant with one or more regulatory frameworks such as HIPAA/HITECH, PCI, FISMA, etc. Half of these businesses are in the Health sector and have to comply with HIPAA / HITECH by law. A large percentage of them also need to be compliant with PCI. This is a newly created market with hardly any other solution providers. Dealing with cyber-attacks and resolving security threats is another key driver for adoption.
An additional push is provided by the federal government which has allocated a stimulus grant of $28.0 Billion for upgrading Healthcare IT and adoption of electronic medical records. The grant is subject to the business becoming HIPAA/HITECH compliant.
The recurring revenue model is expected to build a large and loyal channel following which could be leveraged for any future expansion of product roadmap / strategy by offering additional services.
Government agencies, the credit card industry and standard bodies are pursuing penalties and violations with greater vigor, including some highly publicized and visible cases that have gotten a lot of visibility in the press.
The new market segment offers a huge, 5.0+ Billion dollar market opportunity - by selling into SMB’s and MLE’s. As per market research, the size of the current market WW is around 19.0B$ with 10-15% CAGR
The current threat landscape has changed immensely from generic exploits to targeted attacks on certain companies or users seeking specific data. Traditional security monitoring systems are incapable of detecting such targeted attacks that typically exploit an array of vulnerabilities to break-in and thereafter the compromised systems behave as an internal one with the correct application and user credentials, making it very hard to detect threats using signatures or pre-defined rules. Further each targeted attack is different each time thereby rendering signature-based tools ineffective.
The current state of the market comprises of expensive and complex application silos - Log management, Security monitoring (SIEM), Risk management, Asset management, Vulnerability analysis and penetration testing (VAPT) and Compliance management. Most of these tools are beyond the reach of SMBs. The hackers understand these issues and are accelerating their exploits within this relatively unprotected market segment thus making SMBs the target for 92% of security attacks.
What’s needed for SMBs is a security service that unifies product silos and has the features, ease of use, and price point required for this underserved market. This is the core of what we do.
3. eGestalt Technologies Inc.
Our core offering is an internet-delivered, continuous security monitoring and compliance management solution. We give our customers an automated, but complete diagnostic snapshot of their security posture. Alerting can be as simple as “red, yellow, and green” of risk due to a particular threat. The intuitive dashboard gives the customer a clear path to remediation. The solution looks at multiple contexts such as user, asset, application, compliance and data context. Further, every eGestalt customer benefits from the collective experience of the entire customer base.
Our vision is to make Continuous Security monitoring a core network utility through an easy to buy, easy to use, cloud-based solution.
Some of the key features of our patent pending, award winning solution, Aegify SecureGRC, are:
1. The solution integrates and unifies the core elements of asset discovery and management, vulnerability analysis, penetration testing, log management, SIEM, risk analysis and compliance management through a single application.
2. The solution is multi-context aware during data collection and deduction analysis by leveraging next-generation adaptive correlation and inference technology. Our dashboard delivers context-aware threat detection, and prevention through security monitoring in order to deal with cyber-attacks.
3. Dramatically lower costs and simple activation. Initial activation can be as easy as one click through the cloud: A core design goal is simplicity and ease of use. In the event customization is needed, we’re developing a channel distribution network that specializes in supporting the SMB market. SMB’s may not have internal IT staff so the solution is ready to be deployed w/o requiring any domain expertise or specialized hardware.
4. Real-time sophisticated data analytics and forensics: We provide the ability to analyze assets and security related data against massive amounts of structured and unstructured security data in the form of logs, alerts, and events through Google-like searches and actionable intelligence that is displayed on the dashboard.
5. Clearing House and Blue book for security monitoring: We create a clearinghouse of best security practices, aka blue book for security monitoring by analyzing security related data within and across companies. The clearinghouse capability will analyze and make security recommendations for business vis-à-vis the prioritized risks that will enables businesses to detect and proactively prevent security attacks through auto-remediation.
6. Business model to encourage rapid adoption through a Freemium offering.