Risk Based Security, Inc. and eGRC.COM Announce Partnership


Risk Based Security, Inc. (RBS) is pleased to announce a partnership with eGRC.COM (eGRC) and the corresponding launch of the RiskManaged VulnDB Connector.

eGRC provides Enterprise Governance, Risk and Compliance software, integration and consulting services to Fortune 500 clients.  eGRC helps customers maximize value from their GRC platform investments, supporting a variety of technologies including RSA Archer. Clients are guided through effective GRC platform technology implementations that include establishing processes consistent with organizational risk profiles, business objectives, and regulatory guidance.

One common problem organizations often encounter during GRC program implementation is the integration of various data sources and security intelligence feeds necessary to support a holistic risk analysis and mitigation approach. eGRC has developed a software as a service (SaaS) platform called RiskManaged that addresses this need, providing a streamlined approach to GRC data gathering and correlation.  

The new RiskManaged VulnDB Connector has been developed in cooperation with Risk Based Security, Inc. to make VulnDB data readily available for analysis and use by eGRC’s clients who leverage the Archer GRC platform.

“By combining the RiskManaged platform with the unparalleled vulnerability data set created by RBS, our mutual clients will be provided with a capability that we call “Predictive Vulnerability Analytics”. Our solution provides an additional layer of risk mitigation, helping CEOs and their security teams reduce their risk of exposure.” said Lorne O. Joseph, Founder and Managing Consultant at eGRC.COM.

Adding VulnDB – the world’s most comprehensive and detailed vulnerability intelligence – to a leading GRC platform like Archer provides immediate value. By combining the power of VulnDB with the extensive capabilities of Archer, organizations can more effectively understand their risk level and properly prioritize remediation. With this built-in integration, organizations not only get the best vulnerability intelligence but are also able to reduce the effort required to fully realize the capabilities of the Archer platform.

“Using vulnerability intelligence is critical for proper risk management. The RiskManaged VulnDB connector makes it easy to integrate world-class vulnerability intelligence from VulnDB into the Archer GRC platform and should definitely be considered by organizations wanting to make a step-change improvement in their vulnerability management program”, said Eric Paxton, Director of Business Operations for Risk Based Security.

About Risk Based Security

Risk Based Security, Inc. provides detailed information and analysis on Vulnerability Intelligence, Data Breaches, and Organization Risk Ratings. Our products, VulnDB and Cyber Risk Analytics (CRA), provide organizations access to the most comprehensive threat intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner. In addition, our YourCISO offering provides organizations with on-demand access to high quality security and information risk management resources in one, easy to use web portal.

VulnDB is the most comprehensive and timely vulnerability intelligence available and provides actionable information about the latest security vulnerabilities via an easy-to-use SaaS Portal.  In addition to the eGRC connector for Archer, VulnDB includes a RESTful API for easy integration into other GRC tools and ticketing systems. VulnDB allows organizations to search on and be alerted to the latest vulnerabilities, both in end-user software and the third-party libraries or dependencies that help build applications.  A subscription to VulnDB provides organizations with simple to understand ratings and metrics on their vendors and products, and how each contributes to the organization’s risk-profile and cost of ownership.

About eGRC

eGRC is a firm dedicated to solving the real concerns that our clients face. eGRC has a history of assisting clients in streamlining their processes to reduce workload, while also using accumulated data to identify and help mitigate associated risks. Whether in a project mode or outsourced capacity, we stand ready to serve our clients’ needs.

eGRC is dedicated to Governance Programs, Risk Consulting and Advisory Services. eGRC is a Small, Woman and Minority certified business that employs professionals with decades of experience in the governance, risk and compliance fields.

eGRC believe that words like experience, world class and best practices are overused and have lost much of their meaning. eGRC have chosen to differentiate ourselves by getting back to basics and creating an environment where you can measure us by the results we achieve.