We congratulate the dedicated teams at NIST, NSA, DHS and DISA for their important contributions to IT best practices and methods, especially in emphasizing continuous monitoring as an important SCAP tenet.
Portland, OR (PRWEB) October 20, 2009
SignaCert, a leading provider of whitelist content, methods and solutions, today announced that they will participate and show new product offerings at the 5th Annual IT Security Automation Conference in Baltimore, MD the week of October 26, 2009. In addition CEO, Wyatt Starnes will be speaking at the event. Starnes' presentation, "Enhancing SCAP with Whitelist-Based Image Management", will focus how SignaCert is extending SCAP vulnerability and configuration capabilities by adding state-of-the-art reference whitelist image management to the SCAP method.
"We are excited about the SCAP technical and market advances in the SCAP framework over the last year," said SignaCert's Founder, Wyatt Starnes. "We congratulate the dedicated teams at NIST, NSA, DHS and DISA for their important contributions to IT best practices and methods, especially in emphasizing continuous monitoring as an important SCAP tenet."
Starnes continues, "Over the past year, we have been partnering with the DoD and federal IT security community to strengthen our Nation's defenses against the adversary. Our innovative whitelisting approach uses government standards and protocols to help agency and private industry system administrators focus on prioritizing risk and vulnerabilities so they can better protect their networks against both internal and external threats."
The conference, co-hosted by the National Security Agency (NSA), the National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), and Defense Information Systems Agency (DISA), will focus on emerging technologies designed to support the security automation needs of multiple sectors. The 4-day workshop, conference, and expo will highlight the collaborative successes of the DOD, NSA, NIST and others in applying standards to IT compliance and vulnerability management. It will include tracks on the use of security automation in support of healthcare IT, the use of security automation tools and technologies to ease the technical burdens of policy compliance, and the benefits of integrating security automation into the rapidly evolving cloud computing sector. Security automation leverages standards and specifications to reduce the complexity and time necessary to manage vulnerabilities, measure security, and ensure compliance, freeing resources to focus on other areas of the IT infrastructure.
SignaCert is the leading provider of end-to-end and partner-based IT compliance solutions based on known-provenance whitelist technology. Whitelist methods work in compliment to traditional blacklist technologies (such as Antivirus), where whitelist enables a more complete view of the state of the software on the target platform.
In simple terms, whitelisting is about verifying that the "known state" of managed IT devices remains known throughout the business process lifecycle. Known-provenance adds important software supply chain proof to the deployment of complex IT devices and answers the question of "how do I know that this software package is 1) Intact as built by the named supplier and; 2) Is the actual code built and shipped by the named supplier?"
These methods allow SignaCert's direct customers to rapidly achieve and prove continuous operational compliance monitoring for the IT systems and devices that deliver critical business and mission services. The SignaCert architecture is designed to seamlessly integrate with existing change processes, enforcement, reporting and remediation methods.
Additionally, SignaCert's OEM and ISV Partners can supply to, or license content from, the SignaCert Global Trust Repository (GTR), adding new and important capabilities to their product offerings. All use cases are supported by a rich repository of vendor-independent software measurements. These "white" or "allow" list methods enable SignaCert's patented technology to be quickly deployed and provide immediate visibility into the actual state of IT infrastructure.
Founded in 2004 by 36-year IT security and compliance industry veteran Wyatt Starnes, SignaCert has assembled a world class team of industry leaders with hands-on IT experience for its executive team, board of directors, and advisory board. SignaCert's end-customers span a wide variety of industries, including financial services, government, and healthcare.
For more general information please visit: http://www.signacert.com