Qualys recertifies its cloud computing FDCC auditing service

QualysGuard is recertified for FDCC compliance by NIST as conforming to the Security Content Automation Protocol (SCAP) and its component standards. The QualysGuard FDCC service allows federal agencies to scan – even across large, distributed and operationally diverse networks – and report FDCC compliance.

Federal government agencies are required to standardize and certify their existing Windows XP and Windows Vista desktops according to FDCC specifications as mandated by the US Office of Management and Budget (OMB).

The QualysGuard FDCC service leverages the SaaS architecture to support FDCC scanning for internal systems on a global scale to help federal agencies standardize and certify their existing Windows XP and Windows Vista desktops with the FDCC requirements.

FDCC compliance requires a thorough analysis of all desktop environments. The QualysGuard FDCC service is a scalable solution that provides the automation to accomplish this task efficiently and cost effectively agency-wide,” said Philippe Courtot, chairman and CEO of Qualys.

The QualysGuard FDCC service:

• Supports SCAP content for Windows XP, Windows XP Firewall, Windows Vista, Windows Vista Firewall, Internet Explorer 7, as well as USGCB content for Windows 7, Windows 7 Firewall, and Internet Explorer 8
• Utilizes FDCC and USGCB checklists from NIST including updated published SCAP content
• Certifies compliance with FDCC requirements with detailed reports that include technical analysis of compliance and executive-level summaries
• Provides complete coverage of all agency assets allowing for a complete picture of compliance rather than a statistical sample
• Scales to scan very large, distributed and operationally diverse, networks.