FISMA News

Signacert Announces Full Support of SCAP and FDCC

(Dec 05, 2007)-- SignaCert announced its active support of the Security Configuration Automation Protocol (SCAP) and Federal Desktop Core Configuration (FDCC) mandates, as directed by the Office of Management and Budget (OMB). Using software measurement methods, SignaCert products can prove that federal systems under the OMB mandate are FDCC compliant to the binary level. SignaCert will provide standard baseline images for both Windows XP and Vista desktops at no additional charge with its Enterprise Trust Server (ETS), both as an appliance-based solution or a hosted service.

As an adjunct requirement under the Federal Information Security Management Act (FISMA), both SCAP and FDCC have been added to the list of FISMA compliance and reporting requirements for all Federal Agencies effective February 1, 2008. OMB, in conjunction standards and technical guidance from the National Institute of Standards (NIST), the Department of Defense (DOD) and the Department of Homeland Security (DHS) created and announced the new requirements in memo form on March 22 and June 1, 2007. Through the use of SCAP and FDCC, these and other agencies have worked to supplement FISMA with more standardized methods and prescriptive controls than before.

SignaCert has the only solution available that can automatically prove that FDCC images remain deployed as intended over their lifetime. "With the foundation of a trusted platform, it is possible to definitively prove that the runtime data structure is as intended and authorized," said Amal Chaudhuri, president and COO of SignaCert. "SignaCert has the only solution available that can automatically prove that FDCC images remain deployed as intended over their lifetime."

While SCAP is intended to standardize the configuration controls for desktop systems subject to the OMB mandates, SignaCert goes one step further by verifying that the actual deployed binary image meets the prescribed image requirements under FDCC.

Additionally, SignaCert announced its partnership to support SCAP in partnership with Secure Elements on September 20, 2007, and expects to work with other existing and emerging vendors supporting the SCAP standards and methods.

The FDCC standard image validation templates can be specified when ordering the SignaCert Enterprise Trust Server (ETS).

Share or bookmarklet this web page at: