FISMA News

StillSecure VAM in Process for SCAP Validation

(July 08, 2008)-- StillSecure, provider of secure network infrastructure solutions, announced that EWA-Canada has been contracted to conduct Security Content Automation Protocol (SCAP) testing for StillSecure VAM, the company's vulnerability management system.

SCAP is a method for using NIST-approved standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). SCAP falls under the Information Security Automation Program (ISAP), which is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations.

"As we continue to gain momentum within the DoD, third party validation such as SCAP testing reassures Federal agencies that VAM conforms to the highest security standards," said Alan Shimel, Chief Strategy Officer at StillSecure. "We look forward to working with EWA-Canada to complete this certification as soon as possible."

VAM is an end-to-end vulnerability management system that identifies, tracks, and manages the repair of network vulnerabilities across the enterprise. SCAP certification is the latest in StillSecure's recent Federal compliance efforts for VAM, which also include Common Criteria EAL-2 and FIPS 140-2.

To access the complete list of products that are "currently undergoing SCAP testing," please visit http://nvd.nist.gov/scapproducts.cfm.

Share or bookmarklet this web page at: