July 8, 2008
StillSecure VAM in Process for SCAP Validation
StillSecure(R), provider of secure network infrastructure solutions, today announced that EWA-Canada has been contracted to conduct Security Content Automation Protocol (SCAP) testing for StillSecure VAM(R), the company's vulnerability management system.
SCAP is a method for using NIST-approved standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). SCAP falls under the Information Security Automation Program (ISAP), which is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations."As we continue to gain momentum within the DoD, third party validation such as SCAP testing reassures Federal agencies that VAM conforms to the highest security standards," said Alan Shimel, Chief Strategy Officer at StillSecure. "We look forward to working with EWA-Canada to complete this certification as soon as possible."
VAM is an end-to-end vulnerability management system that identifies, tracks, and manages the repair of network vulnerabilities across the enterprise. SCAP certification is the latest in StillSecure's recent Federal compliance efforts for VAM, which also include Common Criteria EAL-2 and FIPS 140-2.
To access the complete list of products that are "currently undergoing SCAP testing," please visit http://nvd.nist.gov/scapproducts.cfm.
StillSecure specializes in commercial and open source secure network infrastructure solutions. Products include network access control (NAC), intrusion detection/prevention (IDS/IPS), vulnerability management and a unified networking/security platform. By converging networking and security, StillSecure provides innovative, intuitive and affordable solutions to operate secure networks. Established in 2000, StillSecure customers range from midsize organizations to the world's largest enterprises with a strong emphasis in government, financial services, education, and healthcare. For more information visit http://www.stillsecure.com or call 303-381-3830.
EWA-Canada is a premier provider of advanced security services, having established itself as a vendor-neutral, independent centre of excellence in professional IT Security Services, Critical Infrastructure Protection, and testing of products in its IT Security Evaluation and Test Lab. EWA-Canada's solutions, experience and expertise are benefiting businesses in over 25 countries world-wide. EWA-Canada's Lab is recognized as a world leader for its comprehensive experience with Common Criteria (ISO/IEC 15408) evaluations, conformance testing to FIPS 140 and related cryptographic standards, Security Content Automation Protocol (SCAP) validation testing, and certification of point-of-sale devices and PIN Pads to Payment Card Industry and Interac(R) Association standards. EWA-Canada enables companies to efficiently and cost-effectively manage the evaluation and testing process and to ensure their products meet important certification requirements. For further information visit us at http://www.ewa-canada.com/studies/it_security.php.
Contact: Sonya Caprio Director of Marketing StillSecure 303-381-3843 [email protected]