Retina Wins SCAP Certification from National Institute of Standards & Technology
03/15/2010 - eEye Digital Security, a provider of unified vulnerability management and compliance solutions, today announced that its Retina vulnerability management solution has received SCAP certification from the National Institute of Standards & Technology. With this government validation, Retina now meets core NIST standards for automated vulnerability management, measurement and policy compliance. Additionally, Retina also meets Federal Desktop Core Configuration (FDCC) compliance standards on the Microsoft Windows XP Professional and Windows Vista operating systems.
The Security Content Automation Protocol (SCAP) combines a number of open standards that are used to enumerate software flaws and configuration issues related to security. The protocol measures systems to find vulnerabilities and offer methods to score those findings in order to evaluate the possible impact.
“We are very honored to receive recognition from NIST and pleased that our engineering efforts behind Retina has built a solution strong enough to meet U.S. government standards for automated vulnerability management, measurement and policy compliance,” said Kevin Hickey, eEye CEO.
In brief, Retina has been validated to meet the following SCAP capabilities:
- FDCC scanning capability to audit and assess a target system to determine its compliance with FDCC requirements;
- Authenticated configuration scanning capability to audit and assess a target system to determine its compliance with a defined set of configuration requirements using target system logon privileges;
- Authenticated vulnerability and patch scanning capability to scan a target system to locate and identify the presence of known vulnerabilities and evaluate the software patch status to determine compliance with a defined patch policy using target system logon privileges;
- Unauthenticated vulnerability scanner: the capability to determine the presence of known vulnerabilities by evaluating the target system over the network.
The award-winning suite of powerful Retina security solutions identify known and zero-day vulnerabilities and provide intrusion prevention, security risk assessment and mitigation, enabling security best practices, policy enforcement and regulatory audits. Retina has the power to immediately target vulnerabilities and generate detailed reports that meet strict government-mandated compliance requirements.
eEye has been providing security technology and services to small and mid-size enterprises and to state and federal government agencies for more than 10 years.
Also announced today, eEye will debut a website devoted to government customers and end-users at www.eeye.com/gov
For more information on SCAP, please visit: http://scap.nist.gov and http://nvd.nist.gov/scapproducts.cfm
About eEye Digital Security
Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye’s world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private-sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities.
Follow eEye Digital Security
Twitter: http://twitter.com/eEye
Blog: http://blog.eeye.com
LinkedIn: http://www.linkedin.com/companies/eEye-digital-security
Facebook: http://www.facebook.com/eeyedigitalsecurity