RedMonocle is risk intelligence software specially designed for the transformative CISO
RedMonocle, Inc. is a SaaS-based cyber risk quantification software designed to help CISOs and cyber security leaders, like you, find, fund, and fix their cybersecurity risk blind spots.
How? The platform maps the software features available in your Security Stack to cybersecurity and privacy control standards like NIST SP 800-53, NIST SP 800-171, and the NIST CSF, so you can see where you have gaps and overlaps in coverage. Your gaps represent your blind spots and holes that could lead to a breach. Your overlaps represent areas for cost optimization.

RedMonocle CRQ helps transformational CISOs quantify cyber risk to Find, Fund, and Fix cybersecurity risk blind spots and solidify a seat at the Board room table.
How? By mapping software features in your Security Stack to your security framework, like NIST SP 800-53. We help you see gaps and overlaps in coverage, connect them to business objectives to secure funding, and manage cybersecurity initiatives across your organization.
RedMonocle CRQ helps transformational CISOs quantify cyber risk to secure their stack – and their seat at the Board Room table – with a single platform.
Our Founders’ Story
RedMonocle was founded by Sean McDermott and Chris Schroeder who were also the masterminds behind RealOps, Inc. which was acquired by BMC. After doing over 25 years of extensive research on the complexities of purchasing and deploying enterprise software they realized there was a gap in the market; tools rationalization. They set out asking Technology leaders three important questions. First, how many software tools do you have? Second, how much do you pay for them? Third, do you know where you have gaps?
The resounding answer was, “I don’t know.” Sean and Chris aimed to change this.
After doing extensive research in the IT industry to discover where IT leaders might be missing the vulnerabilities they found something they didn’t expect. It turns out, the Software Stack, itself, is under attack. Every month we hear of another software product that’s announcing an exposed vulnerability. The concept of “trusted third party” software vendors is becoming a misnomer as Security Leaders face the impact of these breaches and look for ways to Secure their Stack.
Sean and Chris knew this was a problem they could solve. Together the team created and catalogued a Knowledge Base of over 300 security tools including their features and how those features map to cybersecurity and privacy control standards like NIST SP 800-53, the industry standard of choice. Now they could find cybersecurity risk blind spots and find their fixes from the Knowledgebase of alternatives. Then they partnered with Forrester to create indexes that make the business case for closing the risk blind spot so CISOs could fund their fixes. And finally, they built a risk registry for tracking fixes through their lifecycle.
They built a CISOs best friend. We call it RedMonocle.