Welcome!

@CloudExpo Authors: Liz McMillan, Elizabeth White, Pat Romanski, Yeshim Deniz, Zakia Bouachraoui

News Feed Item

nCircle Announces the Availability of the First SCAP 1.2 Draft Compliant Scanner in Configuration Compliance Manager

nCircle, the leader in information risk and security performance management, today announced the availability of the market’s first Security Content Automation Protocol (SCAP) 1.2 draft compliant scanner in Configuration Compliance Manager™ (CCM).

SCAP combines a number of open standards and is designed to enable automated vulnerability management, measurement, and policy compliance evaluation. SCAP 1.2 adds a number of new checklists including asset identification and asset reporting formats, as well as the Common Configuration Scoring System. It also includes a digital trust model for securing reports and checklists.

nCircle CCM provides the most comprehensive, agentless configuration compliance solution for benchmark content available in SCAP format. Unlike other solutions, CCM processes SCAP content natively and does not require a converter, dramatically reducing errors and the time needed to process SCAP content.

nCircle CCM automates configuration auditing, change monitoring and configuration compliance processes, providing government agencies and contractors with the industry’s clearest picture of IT system configurations and the compliance impact of configuration changes. SCAP scan results can be exported in XML and HTML.

“nCircle has always been a pioneer in the evolution of security standards, and our products are first in line to be certified SCAP 1.2 compliant,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “CCM helps our federal customers automate configuration compliance and makes SCAP 1.2 compliance much easier.”

nCircle is a long-standing supporter of federal security standards initiatives and has invested heavily in the development of open security standards used extensively throughout the federal government. Keanini has been actively involved in the development of Security Content Automation Protocol (SCAP), Common Configuration and Enumeration (CCE), Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE), Open Vulnerability Assessment Language (OVAL®) and Common Vulnerability Scoring System standards.

nCircle has completed strategic implementations for many federal government customers including:

  • Executive Office of the President
  • Legislative Branch
  • Department of Agriculture
  • Department of Commerce
  • Department of Defense
  • Department of Energy
  • Department of the Interior
  • Department of Health and Human Services
  • Department of Homeland Security
  • Department of Labor
  • Department of State
  • Department of the Treasury
  • Multiple independent agencies, including the Nuclear Regulatory Commission and the Federal Communications Commission

“It has been exciting to watch the efforts of SCAP standards advance over time. More configuration policies are becoming available in SCAP format from a growing number of sources including DISA, NSA, NIST, MITRE, as well as vendors like Microsoft and RedHat," said Keren Cummins, director of federal markets at nCircle. "With this upgrade, the nCircle Suite360 solutions now provide customers immediate use of those policies, natively, across the entire enterprise."

The new version of nCircle CCM is available now to all CCM customers. For more information please visit: https://www.ncircle.com/index.php?s=products_ccm.

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle solutions include IP360™ for enterprise vulnerability management, PureCloud™ for cloud-based vulnerability scanning, WebApp360™ for web application scanning, Configuration Compliance Manager™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for PCI scanning, Suite360 Intelligence Hub™ for advanced reporting and analytics and Benchmark for and security performance management.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

CloudEXPO Stories
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and GM, discussed how clients in this new era of innovation can apply data, technology, plus human ingenuity to springboard to advance new business value and opportunities.
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will detail these pain points and explain how cloud can address them.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true change and transformation possible.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to the new world.
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.