SAN FRANCISCO--(information risk and security performance management, today announced the debut of IP360 Federal™, featuring the market’s first Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner. The product debuts at the eighth annual IT Security Automation Conference being held October 3 – 5, 2012, at the Baltimore Convention Center in Baltimore, Maryland.)--nCircle, the leader in
“IP360 Federal delivers the value of SCAP 1.2 and helps our customers automate key business processes, including CyberScope reporting. Our goal is to make it easier for our customers to achieve and maintain compliance while focusing on reducing security risks.”
SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.
nCircle IP360 Federal is the most comprehensive SCAP scanning and CyberScope reporting solution available. Built on nCircle’s award-winning, enterprise class IP360 vulnerability and risk management system, IP360 Federal scans for all SCAP Tier IV content, including USGCB policies. IP360 Federal also processes SCAP content natively. Unlike other solutions, no converter is required, saving time and reducing errors.
IP360 Federal enables government and contractor organizations to:
- Discover, prioritize and remediate vulnerabilities
- Meet and automate CyberScope reporting requirements
- Meet NIST requirements for SCAP scanning
- Natively import SCAP content
- Meet NIST SP 800-137 continuous monitoring requirements
nCircle IP360 customers can easily enable IP360 Federal by purchasing a license key. Additionally, IP360 Federal SCAP scans can run simultaneously with vulnerability scans so normal scan schedules are not interrupted.
“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “IP360 Federal delivers the value of SCAP 1.2 and helps our customers automate key business processes, including CyberScope reporting. Our goal is to make it easier for our customers to achieve and maintain compliance while focusing on reducing security risks.”
nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL®) and Common Vulnerability Scoring System standards.
nCircle has completed strategic implementations for many federal government customers including:
- Executive Office of the President
- Legislative Branch
- Department of Agriculture
- Department of Commerce
- Department of Defense
- Department of Energy
- Department of Interior
- Department of Health and Human Services
- Department of Homeland Security
- Department of Labor
- Department of State
- Department of Treasury
- Multiple independent agencies, including the Nuclear Regulatory Commission and the Federal Communications Commission
“The development of IP360 Federal was driven by ongoing conversations with our federal customers who felt that there was a conflict between being able to fully discover, assess, prioritize and respond to the security posture of all assets in their environments, while also meeting all of the regulatory requirements imposed by CyberScope,” said Keren Cummins, director of federal markets for nCircle. “With this product, federal agencies will have an even richer continuous view of their security posture and will be able to generate monthly CyberScope compliant reports to OMB as an output of their security programs.”
For more information on IP360 Federal please visit: http://www.ncircle.com/index.php?s=products_ip360_federal
About nCircle Suite360
nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle Suite360 is an integrated suite that shares a unified scan engine, common scoring methodologies and centralized reporting and analytics. Suite360 includes IP360™ for vulnerability management, WebApp360™ for web application scanning, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.
nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.
nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.
nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.