Austin, TX – atsec advice aegis is appreciative to advertise the acknowledged accreditation of its cryptographic and aegis testing class as a SCAP (Security Content Automation Protocol) analysis class beneath the NVLAP (National Voluntary Laboratory Accreditation Program) acknowledging the Information Security Automation Program (ISAP); a U.S. government multi-agency action to accredit automation and acclimation of abstruse aegis operations. With this accession to the atsec IT aegis portfolio we will be able to analysis our customer’s articles adjoin the SCAP standards application acquired analysis requirements provided by the NIST Computer Security Division’s Information Security Automation Program (ISAP) accurate by the National Vulnerability Database (NVD) program.
Steve Weingart, Principal Consultant at atsec commented: “SCAP is a new accepted that has been created to verify aegis agreement and vulnerability reporting, for accretion systems and software. While the antecedent action is for government users to accommodated Federal requirements, we apprehend that the account of this accepted will advance its accepting in industry and apprenticeship as well.”
The Security Content Automation Protocol (SCAP), arresting “Ess-Cap”, is a adjustment for application specific standards to accredit automated vulnerability management, measurement, and action acquiescence appraisal (e.g., FISMA compliance). More specifically, SCAP is a apartment of accessible standards that: enumerates software flaws, aegis accompanying agreement issues, and artefact names; measures systems to actuate the attendance of vulnerabilities; and provides mechanisms to rank (score) the after-effects of these abstracts in adjustment to appraise the appulse of the apparent aegis issues. SCAP defines how these standards are acclimated in accord to accomplish these capabilities.
SCAP includes the afterward standards:
•Common Vulnerabilities and Exposures (CVE®)
•Common Configuration Enumeration (CCE™)
•Common Platform Enumeration (CPE™)
•Common Vulnerability Scoring System (CVSS)
•eXtensible Configuration Checklist Description Format (XCCDF)
•Open Vulnerability and Assessment Language (OVAL™)
atsec has has longstanding acquaintance with IT aegis testing, appraisal and validation of software and accouterments products. We are accepted as a Common Criteria Evaluation Laboratory, Cryptographic Module Testing Laboratory for FIPS 140-2.
For added advice on The Information Security Automation Program and
The Security Content Automation Protocol point your browser at nvd.nist.gov/scap.cfm
Media Contact:
Andreas Fabis, fabis@atsec.com
Marketing Director
atsec advice security
(512) 615-7317
atsec advice aegis corporation
9130 Jollyville Road, Suite 260
Austin, TX 78759
USA
Phone: +1-512-615-7300
Telefax: +1-512-615-7301
eMail: info@atsec.com
About atsec advice security
atsec advice aegis is an independent, standards-based advice technology aegis casework aggregation that combines a business-oriented access to advice aegis with all-embracing abstruse ability and all-around experience. atsec was founded in Munich (Germany) in 2000 and has all-encompassing all-embracing operations with offices in the U.S., Germany, Sweden, and China.
atsec offers appraisal and testing casework arch to academic acceptance for IT aegis including appraisal beneath Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic bore and algorithm testing beneath the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada; and acquiescence validation to the Payment Card Industry (PCI) Data Security Standard.
atsec aswell offers defended cipher review, ISO/IEC 27001 ISMS consulting, and assimilation testing and scanning services.
atsec works with arch all-around companies such as IBM, HP, Oracle, Cray,BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf. For added advice amuse appointment www.atsec.com.
订阅:
博文评论 (Atom)
没有评论:
发表评论