Freely subscribe to our NEWSLETTER

In March 2007, the U.S. Office of Management and Budget (OMB) mandated that all government organizations adopt FDCC best practice recommendations for Microsoft XP and Vista desktops and laptops. Federal agencies must utilize SCAP-validated tools to verify and then continuously monitor their desktop configurations for FDCC compliance.

In support of the OMB initiative, Lumension’s Vulnerability Management Solution is designed on SCAP standards to securely and cost-effectively manage the entire vulnerability lifecycle. Features include:
Agent-based and agentless risk assessment of software flaws and configuration vulnerabilities
Accurate remediation
Continuous validation
Policy compliance reporting

The solution provides automated compliance reporting based on FDCC security best practices and supports interoperability between security technologies based on NIST’s common security content format requirements. By achieving SCAP FDCC Scanner validation, Lumension guarantees accurate FDCC auditing for Federal agencies and prevents them from having to manually implement the mandated configuration requirements.

Lumension’s Vulnerability Management Solution provides a comprehensive list of NIST’s SCAP policies with hundreds of defined checks, allowing organizations to quickly evaluate their security posture and determine what must be fixed to meet a given standard. In addition, customized templates ensure that assessments are tailored to the various compliance policies that fit an organization’s specific requirements. The solution streamlines this process by facilitating the simple importing and exporting of policies across multiple Vulnerability Management Servers, enabling the same policy documents to be shared by network scanner and agent-based assessment. This eliminates the need to manage and interpret a wide range of different policies and results from non-integrated scanners and agents.