04/16/2007

Secure Elements, Inc., a specialist in standards-based IT audit and compliance management, today announced that its newest release fully automates system auditing activities that are required to meet new U.S. Office of Management and Budget (OMB) guidelines for Windows XP and VISTA. This newest release of the C5 Compliance Platform enables agencies to proactively address their plans to comply immediately with the OMB mandate.

ebizQ received the following details:

In support of this government-wide mandate, Secure Elements has introduced the C5 Compliance Starter Bundle, which includes the software solution, a pre-configured server for collection and storage of audit results licensed for up to 100 hosts with annual support and maintenance. This bundle makes available an enterprise-class auditing platform to support initial assessment and planning needs now, in preparation for the milestones directed by OMB in the coming months. The bundle is available on the GSA Schedule for immediate purchase.

"The government now has a common language and guidance for auditing, managing and scoring a common secure desktop configuration, and we are pleased to be able to support this White House initiative with a special bundle to fast-track agencies into mandate compliance," said Scott Armstrong, Vice President of Marketing and Alliances for Secure Elements. "We have designed this special bundle not only for agency staff addressing the mandate, but also for the IT auditors from the Inspector General community that evaluate programs and plans in support of FISMA compliance objectives. For the first time both the auditors and the IT staff can leverage a common solution for assessing secure configurations across an enterprise."

In addition to supporting this mandate, the solution enables automation of many Certification & Accreditation activities, including audits of initial and deployed image configurations, and of the assessment and conformance with recommended baseline settings or modified configuration settings required for exception management per the OMB directive.

"Interpreting a vendors security guidelines and preparing for enterprise roll-outs of a new operating system can be overwhelming," said Scott Carpenter, Director of Security Labs for Secure Elements. "Leveraging solutions for automating the assessment of the security configurations based upon NIST published SCAP guidance helps eliminate both risks and costs. As author of the NIST SCAP content for VISTA security guidelines, Secure Elements provides our customers with unparalleled insight into recommended configurations and evaluation techniques required for this initiative."

The C5 Compliance Platform is the only enterprise compliance platform that has incorporated all of the latest standards as defined by NIST (National Institute of Standards and Technology) SCAP initiative for auditing security configurations. More specifically, the C5 Compliance Platform version 3.2 incorporates XCCDF (eXtensible Configuration Checklist Format) and OVAL (Open Vulnerability Assessment Language) XML standards, as well as CPE (Common Platform Enumeration), CVSS (Common Vulnerability Scoring System), CCE (Common Configuration Enumeration and CVE (Common Vulnerability Enumeration). In addition, the C5 Compliance Platform allows for interoperability with all NIST SCAP XML content, including Microsoft Windows XP Professional, Microsoft Windows VISTA, Microsoft Internet Explorer 7.0, and Microsoft Office 7.0.