nCircle Announces IP360 Federal™ Featuring First Available SCAP 1.2 Draft Compliant Scanner

SAN FRANCISCO--(BUSINESS WIRE)--nCircle, the leader in information risk and security performance management, today announced the debut of IP360 Federal™, featuring the market’s first Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner. The product debuts at the eighth annual IT Security Automation Conference being held October 3 – 5, 2012, at the Baltimore Convention Center in Baltimore, Maryland.

“IP360 Federal delivers the value of SCAP 1.2 and helps our customers automate key business processes, including CyberScope reporting. Our goal is to make it easier for our customers to achieve and maintain compliance while focusing on reducing security risks.”

SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.

nCircle IP360 Federal is the most comprehensive SCAP scanning and CyberScope reporting solution available. Built on nCircle’s award-winning, enterprise class IP360 vulnerability and risk management system, IP360 Federal scans for all SCAP Tier IV content, including USGCB policies. IP360 Federal also processes SCAP content natively. Unlike other solutions, no converter is required, saving time and reducing errors.

IP360 Federal enables government and contractor organizations to:

Discover, prioritize and remediate vulnerabilities
Meet and automate CyberScope reporting requirements
Meet NIST requirements for SCAP scanning
Natively import SCAP content
Meet NIST SP 800-137 continuous monitoring requirements

nCircle IP360 customers can easily enable IP360 Federal by purchasing a license key. Additionally, IP360 Federal SCAP scans can run simultaneously with vulnerability scans so normal scan schedules are not interrupted.

“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “IP360 Federal delivers the value of SCAP 1.2 and helps our customers automate key business processes, including CyberScope reporting. Our goal is to make it easier for our customers to achieve and maintain compliance while focusing on reducing security risks.”

nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL®) and Common Vulnerability Scoring System standards.

nCircle has completed strategic implementations for many federal government customers including:

Executive Office of the President
Legislative Branch
Department of Agriculture
Department of Commerce
Department of Defense
Department of Energy
Department of Interior
Department of Health and Human Services
Department of Homeland Security
Department of Labor
Department of State
Department of Treasury
Multiple independent agencies, including the Nuclear Regulatory Commission and the Federal Communications Commission

“The development of IP360 Federal was driven by ongoing conversations with our federal customers who felt that there was a conflict between being able to fully discover, assess, prioritize and respond to the security posture of all assets in their environments, while also meeting all of the regulatory requirements imposed by CyberScope,” said Keren Cummins, director of federal markets for nCircle. “With this product, federal agencies will have an even richer continuous view of their security posture and will be able to generate monthly CyberScope compliant reports to OMB as an output of their security programs.”

For more information on IP360 Federal please visit: http://www.ncircle.com/index.php?s=products_ip360_federal

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle Suite360 is an integrated suite that shares a unified scan engine, common scoring methodologies and centralized reporting and analytics. Suite360 includes IP360™ for vulnerability management, WebApp360™ for web application scanning, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.