Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Delivers Solution to Meet OMB 2008 Federal Desktop Core Configuration Mandate

August 27, 2007

Columbia, MD

August 24, 2007 – Columbia, MD – Tenable Network Security, Inc., the leader in unified security monitoring and creator of the popular and award-winning Nessus vulnerability scanner, today announced it has released SCAP compatible solutions to assist Federal Agencies in complying with the Office of Management and Budget’s M-07-11 policy memorandum “Implementation of Commonly Accepted Configurations for Windows Operating Systems”.  This policy states that “agencies with those operating systems [Windows XP and Vista] and/or plans to upgrade to these operating systems must adopt these standard security configurations by February 1, 2008.” 

As described in the memorandum, The National Institute of Standards and Technology (NIST), Microsoft, the Department of Defense, and the Department of Homeland Security have now established a website hosting the virtual machine images, which can be found at: http://csrc.nist.gov/fdcc. This website also includes frequently asked questions and other technical information for adopting the Federal Desktop Core Configurations (FDCC). 

Tenable’s Security Center and Nessus Vulnerability Scanner are recognized by NIST as Security Content Automation Protocol (SCAP) compliant tools. The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). Federal departments and agencies can use Tenable’s Security Center and Nessus to verify configurations before deployment and then to monitor compliance with FDCC mandated configurations on an ongoing basis. 

“Our research team is actively engaged with NIST on various fronts, including the SCAP Program, and we are pleased to be recognized as one of the tools available for Federal departments and agencies to meet this new FDCC requirement by OMB. We believe this extension of our compliance capabilities greatly assists our Federal customers to meet these mandates in a cost effective and efficient manner,” says Ron Gula, CEO of Tenable.

For more information on NIST and SCAP Tools to support FDCC, please visit: http://nvd.nist.gov/tools.cfm. For further information about Tenable’s solutions in meeting FDCC requirements, please visit: http://blog.tenablesecurity.com/2007/08/federally-manda.html

About Tenable

Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver Tenable.io®, the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include 53 percent of the Fortune 500, 29 percent of the Global 2000 and large government agencies. Learn more at tenable.com.

Contact Information:

Cayla Baker
[email protected]
(443) 539-6476

Stay up to date!

Subscribe to our email alerts for new press releases.

Subscribe for press release updates

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.