FISMA News

nCircle Solutions Automate Configuration and Security Assessment to Meet Stringent Standards and Reduce Ongoing Cost of Compliance

(July 03, 2008)-- nCircle announced the Security Content Automation Protocol (SCAP) validation of nCircle IP360 and nCircle IP360 Mobile, a vulnerability and risk management system. As one of the early SCAP-validated solutions on the market, nCircle IP360 provides U.S. Federal agencies with an enterprise class system to support the largest networks, while at the same time delivering SCAP certified vulnerability scanners with the ability to determine the presence of known software flaws by evaluating the target system over the network. SCAP is a protocol using specific standards to enable automated
vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance) and is sponsored by the Information Security Automation Program (ISAP), a U.S. government multi-agency initiative to
enable automation and standardization of technical security operations.

"nCircle has been a charter member of the committees that created these protocols and we look forward to making SCAP an important open interface in the nCircle product line." said Tim Keanini, Chief Technology Officer at nCircle. "Like our Common Criteria Certification at EAL Level 3, this represents our commitment to standards enabling government agencies to improve security and achieve compliance at the lowest possible cost."

nCircle delivers a full suite of security and compliance products for vulnerability assessment, risk management, configuration auditing and compliance, and file integrity monitoring. With the first two products
certified, nCircle will submit additional solutions for SCAP validation including certification as a Federal Desktop Core Configuration (FDCC) Scanner and as an Authenticated Configuration Scanner, supporting the U.S. Office of Management and Budget (OMB) mandate that all government agencies must meet a core configuration standard for desktop computers. With an objective to improve overall system security and reduce costs though standardization, the OMB mandate is furthering the adoption of SCAP to enable security technologies to read and exchange systems and vulnerability information in a common format providing the foundation for interoperability among security and compliance products, ultimately delivering a more secure environment.

More information about SCAP-validated products can be found at http://nvd.nist.gov/scap.cfm.

Share or bookmarklet this web page at: