SecurityCenter 4 Receives FDCC and SCAP Validated Tool Certification
Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page.
Tenable Network Security is pleased to announce that SecurityCenter 4 has recently been validated by the National Institute of Standards and Technology (NIST) as conforming to the Security Content Automation Protocol (SCAP) and its component standards. As of December 16, 2010, SecurityCenter 4 is SCAP validated for the following capabilities:
- FDCC Scanner
- Authenticated Vulnerability and Patch Scanner
- Authenticated Configuration Scanner
- Unauthenticated Vulnerability Scanner
SecurityCenter and the Nessus vulnerability scanner both support SCAP by integrating each aspect of OVAL, CVE, CVSS, XCCDF, CPE and CCE to help organizations accurately test their infrastructure and ensure that systems are configured in compliance with security policies and standards. Tenable’s customers use the SCAP-compatible xTool to produce audit policies for SecurityCenter and Nessus, which are used to perform configuration audits of target systems, analyze them for FDCC compliance and provide reports to system administrators and management. SecurityCenter also performs remediation scanning to help ensure that systems with known vulnerabilities are patched and that compliant settings are not reverted to a non-compliant state.
For more information about how Tenable’s solutions can help your organization, contact our Sales department for a copy of our Real-Time Compliance Monitoring whitepaper. Tenable’s product validation information for SecurityCenter can be found on NIST’s web site at http://nvd.nist.gov/validation_tenable.cfm and validation details can be found here.
Related Articles
Unified IT and Web App Security: On-Prem Web App Scanning Integrated into Security Center
October 17, 2023On-prem web app scanning is now available within Tenable Security Center, offering comprehensive exposure management with accurate analysis, OWASP Top 10 coverage and easy setup. Here’s what you need to know.
What Is VPR and How Is It Different from CVSS?
April 16, 2020This blog series will provide an in-depth discussion of vulnerability priority rating (VPR) from a number of different perspectives. Part one will focus on the distinguishing characteristics of VPR th...
Tenable Releases SecurityCenter Continuous View
August 9, 2012<p>Today, Tenable <a href="http://www.tenable.com/news-events/press-releases/2012-tenable-network-security-unveils-securitycenter-continuous-view" target="_self" title="Tenable Network Security Unveils SecurityCenter Continuous View">announced </a>the availability of a new edition of SecurityCenter, called Continuous View.</p> <p>This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.</p> <p>The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.</p> <p>Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:</p> <ul> <li>Real-time identification of server and client vulnerabilities </li> <li>Identification of mobile devices and their vulnerabilities </li> <li>Passive discovery of all internal and external web servers and databases </li> <li>Identification of trust and communication paths </li> <li>Passive monitoring of virtual environments </li> </ul>
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
- SecurityCenter