Tenable Network Security is pleased to announce that SecurityCenter 4 has recently been validated by the National Institute of Standards and Technology (NIST) as conforming to the Security Content Automation Protocol (SCAP) and its component standards. As of December 16, 2010, SecurityCenter 4 is SCAP validated for the following capabilities:
- FDCC Scanner
- Authenticated Vulnerability and Patch Scanner
- Authenticated Configuration Scanner
- Unauthenticated Vulnerability Scanner
SecurityCenter and the Nessus vulnerability scanner both support SCAP by integrating each aspect of OVAL, CVE, CVSS, XCCDF, CPE and CCE to help organizations accurately test their infrastructure and ensure that systems are configured in compliance with security policies and standards. Tenable’s customers use the SCAP-compatible xTool to produce audit policies for SecurityCenter and Nessus, which are used to perform configuration audits of target systems, analyze them for FDCC compliance and provide reports to system administrators and management. SecurityCenter also performs remediation scanning to help ensure that systems with known vulnerabilities are patched and that compliant settings are not reverted to a non-compliant state.
For more information about how Tenable’s solutions can help your organization, contact our Sales department for a copy of our Real-Time Compliance Monitoring whitepaper. Tenable’s product validation information for SecurityCenter can be found on NIST’s web site at http://nvd.nist.gov/validation_tenable.cfm and validation details can be found here.