SCAP and the FDCC mandates are driven by the need to improve security at the endpoint. There are tens of thousands of different configurations of laptops and desktops used throughout the federal government, and by default, this means that there are going to be an exponential number of vulnerabilities or attack vectors at the endpoint
Scottsdale, Ariz. (PRWEB) July 2, 2008
Lumension Security™, Inc., a leading global security management company formed by the combination of PatchLink® Corporation and SecureWave® S.A., today announced that Steve Antone, the company's vice president of federal solutions, will lead a speaking session at the Federal Information Security Conference (FISC), July 1-2, 2008 in Colorado Springs, Colo. The session, entitled "SCAP - Security Content Automation Protocol," will examine the Security Content Automation Protocol (SCAP), a standards-based technology for automating vulnerability and configuration management, measurement and policy compliance checking. SCAP has been adopted by many IT security vendors and is now mandated for use within U.S. federal agencies.
Security compliance continues to be an important issue across the IT community, and the federal government is no exception: As of February 1, 2008 all agencies must comply with the Office of Management and Budget's (OMB) mandate requiring them to use technologies that are verified as compliant with SCAP in accordance with Federal Desktop Core Configuration (FDCC) mandates.
In this speaking session, Antone will discuss the security and operational advantages of SCAP along with the challenges of implementing the capability. Antone, who has first hand knowledge of many agency implementation plans, will provide insight on how agencies can be successful and avoid common pitfalls.
"SCAP and the FDCC mandates are driven by the need to improve security at the endpoint. There are tens of thousands of different configurations of laptops and desktops used throughout the federal government, and by default, this means that there are going to be an exponential number of vulnerabilities or attack vectors at the endpoint," said Antone. "Essentially, SCAP helps agencies to decrease the number of configurations and create a core configuration which will dramatically decrease the number of attack vectors, simplifying management of the endpoint and improving agencies' overall security and audit posture. This presentation will address exactly what SCAP means for federal agencies and the IT professionals within them."
- Who: Steve Antone, vice president of federal solutions, Lumension Security
- What: Presentation: "SCAP - Security Content Automation Protocol"
- Where: Federal Information Security Conference (FISC), July 1-2, 2008 at the Crowne Plaza Hotel in Colorado Springs, Colo.
- When: Wednesday, July 2, 2008 from 3:00-4:00 p.m. MDT
About Lumension Security™, Inc.:
Lumension Security™, formed by the combination of PatchLink® Corporation and SecureWave® S.A., is a recognized, global security management company, providing unified protection and control of enterprise endpoints for more than 5,100 customers and 14 million nodes worldwide. Leveraging its proven Positive Security Model, Lumension enables organizations to effectively manage risk at the endpoint by delivering best-of-breed, policy-based solutions that simplify the entire security management lifecycle. This includes automated asset discovery, vulnerability assessment, remediation and validation; application and device control; extensive policy compliance reporting; and integration with leading network access control solutions. Headquartered in Scottsdale, Arizona, Lumension has offices worldwide, including Virginia, Florida, Luxembourg, the United Kingdom, Spain, Australia, Hong Kong and Singapore. PatchLink, now Lumension, was founded in 1991 by Sean Moshir. More information can be found at Lumension Security.
Lumension Security, the Lumension logo, PatchLink® and Sanctuary® are trademarks or registered trademarks of Lumension Security. All other trademarks are the property of their respective owners.