Tripwire today announced Security Content Automation Protocol (SCAP) 1.2 validation for Tripwire Enterprise version 8.3.2 on Red Hat and Windows platforms.
Tripwire is the first configuration scanning vendor to complete SCAP 1.2 validation under NIST’s National Voluntary Laboratory Accreditation Program (NVLAP). The validation was performed by SAIC.
Federal government agencies are under immense pressure to improve cyber security through an increased focus on risk management initiatives, such as Continuous Diagnostics and Mitigation (CDM) and Federal Information Security Management Act (FISMA) compliance.
“We are excited to be the first vendor to earn this important validation,” said John Klein, federal director for Tripwire. “Tripwire has been a strong supporter of government security standards for over 15 years and we’re committed to delivering continuous diagnostics and mitigation solutions that help government agencies and contractors become both compliant and secure.”
The SCAP standard drives continuous monitoring because it organizes, measures and automates a wide range of cyber security information. SCAP has been adopted by many commercial firms that do business with the federal government and private sector firms are adopting it to solve large-scale policy management problems.
Tripwire Enterprise provides comprehensive SCAP scanning and CyberScope reporting solutions. Tripwire Enterprise version 8.3.2 includes a next-generation policy engine that processes native SCAP 1.2 content using the Open Vulnerability and Assessment Language (OVAL) standard.
Key features include:
- Full support for SCAP 1.0, 1.1 and 1.2 content
- Full support for OVAL including the Extensible Configuration Checklist Format (XCCDF) and Asset Reporting Format (ARF) output
- Allows customers to test SCAP compliant content from DISA, USGCB as well as proprietary content
For more information on Tripwire’s government solutions please visit https://www.tripwire.com/it-industry/government-it/.
- Of Gold Stars and Millibars
- Control and Capabilities Drive Enterprise Security Confidence
- Security Configuration Management for Dummies
- SecureCheq Uncovers Critical Configuration Vulnerabilities
P.S. Have you met John Powers, supernatural CISO?
Title image courtesy of ShutterStock