Click here to close now.

Welcome!

Cloud Expo Authors: Lori MacVittie, Liz McMillan, AppDynamics Blog, Kelly Murphy, David Sprott

News Feed Item

nCircle Announces the Availability of the First SCAP 1.2 Draft Compliant Scanner in Configuration Compliance Manager

nCircle, the leader in information risk and security performance management, today announced the availability of the market’s first Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner in Configuration Compliance Manager™ (CCM).

SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.

nCircle CCM provides the most comprehensive, agentless configuration compliance solution for benchmark content available in SCAP format. Unlike other solutions, CCM processes SCAP content natively and does not require a converter, dramatically reducing errors and the time needed to process SCAP content.

nCircle CCM automates configuration auditing, change monitoring and configuration compliance processes, providing government agencies and contractors with the industry’s clearest picture of IT system configurations and the compliance impact of configuration changes. SCAP scan results can be exported in XML and HTML.

“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “CCM helps our federal customers automate configuration compliance and makes SCAP 1.2 compliance much easier.”

nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL®) and Common Vulnerability Scoring System standards.

nCircle has completed strategic implementations for many federal government customers including:

  • Executive Office of the President
  • Legislative Branch
  • Department of Agriculture
  • Department of Commerce
  • Department of Defense
  • Department of Energy
  • Department of the Interior
  • Department of Health and Human Services
  • Department of Homeland Security
  • Department of Labor
  • Department of State
  • Department of the Treasury
  • Multiple independent agencies, including the Nuclear Regulatory Commission and the Federal Communications Commission

“It has been exciting to watch the efforts of SCAP standards advance over time. More configuration policies are becoming available in SCAP format from a growing number of sources including DISA, NSA, NIST, MITRE, as well as vendors like Microsoft and RedHat," said Keren Cummins, director of federal markets at nCircle. "With this upgrade, the nCircle Suite360 solutions now provide customers immediate use of those policies, natively, across the entire enterprise."

The new version of nCircle CCM is available now to all CCM customers. For more information please visit: https://www.ncircle.com/index.php?s=products_ccm.

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle solutions include IP360™ for enterprise vulnerability management, PureCloud™ for cloud-based vulnerability scanning, WebApp360™ for web application scanning, Configuration Compliance Manager™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for PCI scanning, Suite360 Intelligence Hub™ for advanced reporting and analytics and Benchmark for and security performance management.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
Containers Expo Blog covers the world of containers, as this lightweight alternative to virtual machines enables developers to work with identical dev environments and stacks. Containers Expo Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Bookmark Containers Expo Blog ▸ Here Follow new article posts on Twitter at @ContainersExpo
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. 8th International Big Data Expo, co-located with 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. As advanced data storage, access and analytics technologies aimed at handling high-volume and/or fast moving data all move center stage, aided by the cloud computing bo...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the...
You use an agile process; your goal is to make your organization more agile. But what about your data infrastructure? The truth is, today's databases are anything but agile - they are effectively static repositories that are cumbersome to work with, difficult to change, and cannot keep pace with application demands. Performance suffers as a result, and it takes far longer than it should to deliver new features and capabilities needed to make your organization competitive. As your application an...
Move from reactive to proactive cloud management in a heterogeneous cloud infrastructure. In his session at 16th Cloud Expo, Manoj Khabe, Innovative Solution-Focused Transformation Leader at Vicom Computer Services, Inc., will show how to replace a help desk-centric approach with an ITIL-based service model and service-centric CMDB that’s tightly integrated with an event and incident management platform. Learn how to expand the scope of operations management to service management. He will al...
Over the years, a variety of methodologies have emerged in order to overcome the challenges related to project constraints. The successful use of each methodology seems highly context-dependent. However, communication seems to be the common denominator of the many challenges that project management methodologies intend to resolve. In this respect, Information and Communication Technologies (ICTs) can be viewed as powerful tools for managing projects. Few research papers have focused on the way...
As the world moves from DevOps to NoOps, application deployment to the cloud ought to become a lot simpler. However, applications have been architected with a much tighter coupling than it needs to be which makes deployment in different environments and migration between them harder. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, Netflix and so on is at the heart of CloudFoundry – a complete developer-oriented Platform as a Service (PaaS...
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, ...
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
Amazon and Google have built software-defined data centers (SDDCs) that deliver massively scalable services with great efficiency. Yet, building SDDCs has proven to be a near impossibility for companies without hyper-scale resources. In his session at 15th Cloud Expo, David Cauthron, CTO and Founder of NIMBOXX, highlighted how a mid-sized manufacturer of global industrial equipment bridged the gap from virtualization to software-defined services, streamlining operations and costs while connect...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. The DevOps Summit at Cloud Expo – to be held June 3-5, 2015, at the Javits Center in New York City – will expand the DevOps community, enable a wide...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...
Cloud Expo, Inc. has announced today that Andi Mann returns to DevOps Summit 2015 as Conference Chair. The 4th International DevOps Summit will take place on June 9-11, 2015, at the Javits Center in New York City. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at ...
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will addresses this very serious issue o...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enter...
EMC Corporation on Tuesday announced it has entered into a definitive agreement to acquire privately held Virtustream. When the transaction closes, Virtustream will form EMC’s new managed cloud services business. The acquisition represents a transformational element of EMC’s strategy to help customers move all applications to cloud-based IT environments. With the addition of Virtustream, EMC completes the industry’s most comprehensive hybrid cloud portfolio to support all applications, all workl...
Container frameworks, such as Docker, provide a variety of benefits, including density of deployment across infrastructure, convenience for application developers to push updates with low operational hand-holding, and a fairly well-defined deployment workflow that can be orchestrated. Container frameworks also enable a DevOps approach to application development by cleanly separating concerns between operations and development teams. But running multi-container, multi-server apps with containers ...