BACK
Lumension Security Achieves SCAP Validation
Lumension Security™, Inc., a global leader in security management, today announced the Security Content Automation Protocol (SCAP) Scanner validation of the company’s market-leading Vulnerability Management Solution.
One of the first IT security providers to attain SCAP Validation from the National Institute of Standards and Technology (NIST), Lumension Security has achieved this validation in the stringent Federal Desktop Core Configuration (FDCC) Scanning category for its commitment to enforcing stronger security and hardened Windows endpoint configurations within the U.S. Government IT environment.
“Like all government agencies, we are not only faced with specific, mandated endpoint configuration requirements but are required to use SCAP validated tools to verify, validate and demonstrate compliance against FDCC requirements,” said David Campbell, ASUS Program Manager at NASA. “Using SCAP ready solutions is a priority for NASA, allowing us to reduce exposure to operational and financial risk by standardizing endpoint and application configurations based on industry best practices.” In March 2007, the U.S. Office of Management and Budget (OMB) mandated that all government organizations adopt FDCC best practice recommendations for Microsoft XP and Vista desktops and laptops. Federal agencies must utilize an SCAP-validated tool to verify and then continuously monitor their desktop configurations for FDCC compliance. In support of the OMB initiative, Lumension’s Vulnerability Management Solution is designed on SCAP standards to securely and cost-effectively manage the entire vulnerability lifecycle.
"By standardizing and automating secure configuration settings, government agencies not only benefit from significant security threat reduction, but also realize considerable cost savings from a decrease in system and application maintenance fees,” said Steven Antone, vice president, federal solutions at Lumension Security. "With its SCAP-validation, agencies can rely on Lumension’s Vulnerability Management Solution as a cost-effective way to continuously monitor their systems, verify that the FDCC standardized settings have not been altered, and remediate both software and configuration vulnerabilities if necessary to mitigate the threats associated with misconfigured endpoints."
Lumension’s Vulnerability Management Solution provides a comprehensive list of NIST’s SCAP policies with hundreds of defined checks, allowing organizations to quickly evaluate their security posture and determine what must be fixed to meet a given standard. In addition, customized templates ensure that assessments are tailored to the various compliance policies that fit an organization’s specific requirements. The solution streamlines this process by facilitating the simple importing and exporting of policies across multiple Vulnerability Management Servers, enabling the same policy documents to be shared by network scanner and agent-based assessment. This eliminates the need to manage and interpret a wide range of different policies and results from non-integrated scanners and agents.
For further information visit : www.lumension.com