eEye Digital Security
Solutions

Government Solutions

eEye is a dedicated provider of unified vulnerability management and compliance solutions for Government agencies. Retina.GOV, built upon our world-renowned research team, is an integrated end-to-end vulnerability management and compliance solution designed to help Government departments and agencies with protection and compliancy by defining and monitoring relevant IT controls.

Retina.GOV combines the powers of Retina and our enterprise management console, REM, to form a unified solution designed to help Government departments and agencies with vulnerability assessment and compliancy by defining and monitoring relevant IT controls.

  • Implement policy-based security management including routine security assessments, demonstrated control, and use of timely reports as part of standard processes.
  • Capability to efficiently classify, respond to and resolve potentially high-volume threats.
  • Enable compliance for SCAP, FDCC, and DIACAP initiatives mandated by command authorities.

Retina.GOV monitors both vulnerability and configuration of your IT assets, while correlating compliance requirements to pre-defined baselines and providing automated notification of violations.


Government Regulations and Retina.GOV Certifications


SCAP

Retina Network Security Scanner, the flagship solution component of Retina.GOV, supports the following SCAP requirements:

  • Federal Desktop Core Configuration (FDCC) Scanner
  • Authenticated Configuration Scanner
  • Authenticated Vulnerability and Patch Scanner
  • Unauthenticated Vulnerability Scanner

Retina’s SCAP capabilities include the following standards: XCCDF, OVAL, CCE, CPE, CVE and CVSS.

Utilizing Retina Network Security Scanner’s SCAP engine, users are able to import SCAP content, such as FDCC benchmarks, for interpretation and assessment of network devices. Retina provides an easy-to-use wizard that guides the user through the steps of selecting desired content, providing information on the assets to be evaluated, and launching the assessment scan. Upon launch, the scan will run without user intervention, alerting you when complete. The assessment results are made available in both machine legible XML in OVAL and XCCDF formats as well as human readable reports. Both machine and human readable output contains associated CVE, CPE, CVE and CVSS references as applicable.

FDCC

eEye's Retina Network Security Scanner is compliant with FDCC 1.2.

The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration which exists for Microsoft Windows Vista and XP operating systems. The Windows Vista FDCC is based on DoD customization of the Microsoft Security Guides for both Windows Vista and Internet Explorer 7.0. Microsoft's Vista Security Guide reflects the consensus recommended settings produced through a collaborative effort amongst DISA, NSA, and NIST.

The Windows XP FDCC is based on Air Force customization of the Specialized Security-Limited Functionality (SSLF) recommendations in NIST SP 800-68 and DoD customization of the recommendations in Microsoft's Security Guide for Internet Explorer 7.0.

DIACAP

The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the United States Department of Defense (DoD) process of ensuring that risk management is applied on information systems (IS).

DIACAP defines a DoD-wide formal and standard set of activities, general tasks and management structure process for the certification and accreditation (C&A) of a DoD IS that will maintain the information assurance (IA) posture throughout the system's life cycle.

Training
Support

Government Clients

 

Certifications

 

SCAP
FDCC
FISMA

DIACAP
 

CVE
 

OESIS-OK
 

Federal Sales

866.282.8276
federal@eeye.com

State/Local Sales

866.282.8276
sled@eeye.com

 
© 1998 – 2010 eEye Digital Security. All rights reserved.