February 14, 2008
Tenable Security Center 3.2 Management suite to be certified for NIST SCAP FDCC certification
Tenable Network Security, Inc., a leading developer of security management solutions and creator of the popular and award-winning Nessus 3 vulnerability scanner, announced today that it has engaged SAIC to perform Security Content Automation (SCAP) FDCC Compliance Testing for Tenable’s Security Center 3.2 Product suite for the Microsoft XP and Vista platforms. The basis of the validation testing will be the U.S. National Institute of Standards and Technology (NIST) defined and generated data feeds of content in the SCAP standards.
The Security Content Automation Protocol (SCAP), pronounced “Ess-Cap”, is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). More specifically, SCAP is a suite of open standards that enumerates software flaws, security related configuration issues, and product names, measures systems to determine the presence of vulnerabilities, and provides mechanisms to rank (score) the results of these measurements in order to evaluate the impact of the discovered security issues. SCAP defines how these standards are used in unison to accomplish these capabilities.
Furthermore, the Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration. The FDCC currently exists for Microsoft Windows Vista and XP operating system software. The "Federal Desktop Core Configuration" was originally called for in a 22 March 2007 memorandum from OMB to all Federal agencies and department heads and a corresponding memorandum from OMB to all Federal agency and department Chief Information Officers (CIO).
“SCAP FDCC compliance certification is important because it provides independent, standards-based verification of the security functions delivered by the Tenable Security Center and related components,” said Ron Gula, CEO of Tenable. “Tenable is pleased to undergo this testing with SAIC to provide our current and future customers the highest level of confidence that our solutions deliver on their security promises. As a side benefit, it also allows Tenable to assist our clients with their most current auditing needs”.
About Tenable Network Security
Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com.
(410) 872-0555 x1559