SCAP scanning and CyberScope reporting
Posted on 04 October 2012.
nCircle announced the debut of IP360 Federal, featuring a Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner.

SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.

Built on nCircle’s IP360 vulnerability and risk management system, IP360 Federal scans for all SCAP Tier IV content, including USGCB policies. IP360 Federal also processes SCAP content natively. Unlike other solutions, no converter is required, saving time and reducing errors.

IP360 Federal enables government and contractor organizations to:
  • Discover, prioritize and remediate vulnerabilities
  • Meet and automate CyberScope reporting requirements
  • Meet NIST requirements for SCAP scanning
  • Natively import SCAP content
  • Meet NIST SP 800-137 continuous monitoring requirements.
nCircle IP360 customers can easily enable IP360 Federal by purchasing a license key. Additionally, IP360 Federal SCAP scans can run simultaneously with vulnerability scans so normal scan schedules are not interrupted.

“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “IP360 Federal delivers the value of SCAP 1.2 and helps our customers automate key business processes, including CyberScope reporting. Our goal is to make it easier for our customers to achieve and maintain compliance while focusing on reducing security risks.”

nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL) and Common Vulnerability Scoring System standards.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //