|By Business Wire||
|November 29, 2012 02:57 PM EST||
nCircle, the leader in information risk and security performance management, today announced the availability of the market’s first Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner in Configuration Compliance Manager™ (CCM).
SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.
nCircle CCM provides the most comprehensive, agentless configuration compliance solution for benchmark content available in SCAP format. Unlike other solutions, CCM processes SCAP content natively and does not require a converter, dramatically reducing errors and the time needed to process SCAP content.
nCircle CCM automates configuration auditing, change monitoring and configuration compliance processes, providing government agencies and contractors with the industry’s clearest picture of IT system configurations and the compliance impact of configuration changes. SCAP scan results can be exported in XML and HTML.
“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “CCM helps our federal customers automate configuration compliance and makes SCAP 1.2 compliance much easier.”
nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL®) and Common Vulnerability Scoring System standards.
nCircle has completed strategic implementations for many federal government customers including:
- Executive Office of the President
- Legislative Branch
- Department of Agriculture
- Department of Commerce
- Department of Defense
- Department of Energy
- Department of the Interior
- Department of Health and Human Services
- Department of Homeland Security
- Department of Labor
- Department of State
- Department of the Treasury
- Multiple independent agencies, including the Nuclear Regulatory Commission and the Federal Communications Commission
“It has been exciting to watch the efforts of SCAP standards advance over time. More configuration policies are becoming available in SCAP format from a growing number of sources including DISA, NSA, NIST, MITRE, as well as vendors like Microsoft and RedHat," said Keren Cummins, director of federal markets at nCircle. "With this upgrade, the nCircle Suite360 solutions now provide customers immediate use of those policies, natively, across the entire enterprise."
The new version of nCircle CCM is available now to all CCM customers. For more information please visit: https://www.ncircle.com/index.php?s=products_ccm.
About nCircle Suite360
nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle solutions include IP360™ for enterprise vulnerability management, PureCloud™ for cloud-based vulnerability scanning, WebApp360™ for web application scanning, Configuration Compliance Manager™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for PCI scanning, Suite360 Intelligence Hub™ for advanced reporting and analytics and Benchmark for and security performance management.
nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.
nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.
nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.
Every successful software product evolves from an idea to an enterprise system. Notably, the same way is passed by the product owner's company. In his session at 20th Cloud Expo, Oleg Lola, CEO of MobiDev, will provide a generalized overview of the evolution of a software product, the product owner, the needs that arise at various stages of this process, and the value brought by a software development partner to the product owner as a response to these needs.
Jan. 17, 2017 06:00 AM EST Reads: 1,110
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jan. 17, 2017 05:45 AM EST Reads: 3,482
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive ad...
Jan. 17, 2017 05:30 AM EST Reads: 1,523
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Jan. 17, 2017 05:15 AM EST Reads: 9,273
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
Jan. 17, 2017 04:15 AM EST Reads: 1,779
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
Jan. 17, 2017 03:45 AM EST Reads: 3,525
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
Jan. 17, 2017 03:45 AM EST Reads: 3,371
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Jan. 17, 2017 03:45 AM EST Reads: 2,711
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed ...
Jan. 17, 2017 03:15 AM EST Reads: 6,223
While many government agencies have embraced the idea of employing cloud computing as a tool for increasing the efficiency and flexibility of IT, many still struggle with large scale adoption. The challenge is mainly attributed to the federated structure of these agencies as well as the immaturity of brokerage and governance tools and models. Initiatives like FedRAMP are a great first step toward solving many of these challenges but there are a lot of unknowns that are yet to be tackled. In hi...
Jan. 17, 2017 02:15 AM EST Reads: 3,747
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
Jan. 17, 2017 01:45 AM EST Reads: 5,217
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
Jan. 17, 2017 12:45 AM EST Reads: 6,016
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
Jan. 16, 2017 11:45 PM EST Reads: 4,207
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Jan. 16, 2017 09:00 PM EST Reads: 7,448
Up until last year, enterprises that were looking into cloud services usually undertook a long-term pilot with one of the large cloud providers, running test and dev workloads in the cloud. With cloud’s transition to mainstream adoption in 2015, and with enterprises migrating more and more workloads into the cloud and in between public and private environments, the single-provider approach must be revisited. In his session at 18th Cloud Expo, Yoav Mor, multi-cloud solution evangelist at Cloudy...
Jan. 16, 2017 08:45 PM EST Reads: 4,582
The proper isolation of resources is essential for multi-tenant environments. The traditional approach to isolate resources is, however, rather heavyweight. In his session at 18th Cloud Expo, Igor Drobiazko, co-founder of elastic.io, drew upon his own experience with operating a Docker container-based infrastructure on a large scale and present a lightweight solution for resource isolation using microservices. He also discussed the implementation of microservices in data and application integrat...
Jan. 16, 2017 06:45 PM EST Reads: 3,494
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and containers together help companies achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of Dev...
Jan. 16, 2017 05:00 PM EST Reads: 4,030
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at Logz.io, will explore the value of Kibana 4 for log analysis and will give a real live, hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He will examine three use cases: IT operations, business intelligence, and security and compliance. This is a hands-on session that will require participants to bring their own laptops, and we will provide the rest.
Jan. 16, 2017 03:30 PM EST Reads: 4,832
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
Jan. 16, 2017 03:15 PM EST Reads: 386
"We're bringing out a new application monitoring system to the DevOps space. It manages large enterprise applications that are distributed throughout a node in many enterprises and we manage them as one collective," explained Kevin Barnes, President of eCube Systems, in this SYS-CON.tv interview at DevOps at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jan. 16, 2017 02:15 PM EST Reads: 5,282