SecurityCenter 4 Receives FDCC and SCAP Validated Tool Certification
Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page.
Tenable Network Security is pleased to announce that SecurityCenter 4 has recently been validated by the National Institute of Standards and Technology (NIST) as conforming to the Security Content Automation Protocol (SCAP) and its component standards. As of December 16, 2010, SecurityCenter 4 is SCAP validated for the following capabilities:
- FDCC Scanner
- Authenticated Vulnerability and Patch Scanner
- Authenticated Configuration Scanner
- Unauthenticated Vulnerability Scanner
SecurityCenter and the Nessus vulnerability scanner both support SCAP by integrating each aspect of OVAL, CVE, CVSS, XCCDF, CPE and CCE to help organizations accurately test their infrastructure and ensure that systems are configured in compliance with security policies and standards. Tenable’s customers use the SCAP-compatible xTool to produce audit policies for SecurityCenter and Nessus, which are used to perform configuration audits of target systems, analyze them for FDCC compliance and provide reports to system administrators and management. SecurityCenter also performs remediation scanning to help ensure that systems with known vulnerabilities are patched and that compliant settings are not reverted to a non-compliant state.
For more information about how Tenable’s solutions can help your organization, contact our Sales department for a copy of our Real-Time Compliance Monitoring whitepaper. Tenable’s product validation information for SecurityCenter can be found on NIST’s web site at http://nvd.nist.gov/validation_tenable.cfm and validation details can be found here.
Related Articles
Unified IT and Web App Security: On-Prem Web App Scanning Integrated into Security Center
October 17, 2023On-prem web app scanning is now available within Tenable Security Center, offering comprehensive exposure management with accurate analysis, OWASP Top 10 coverage and easy setup. Here’s what you need to know.
What Is VPR and How Is It Different from CVSS?
April 16, 2020This blog series will provide an in-depth discussion of vulnerability priority rating (VPR) from a number of different perspectives. Part one will focus on the distinguishing characteristics of VPR th...
Tenable Releases SecurityCenter Continuous View
August 9, 2012<p>Today, Tenable <a href="http://www.tenable.com/news-events/press-releases/2012-tenable-network-security-unveils-securitycenter-continuous-view" target="_self" title="Tenable Network Security Unveils SecurityCenter Continuous View">announced </a>the availability of a new edition of SecurityCenter, called Continuous View.</p> <p>This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.</p> <p>The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.</p> <p>Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:</p> <ul> <li>Real-time identification of server and client vulnerabilities </li> <li>Identification of mobile devices and their vulnerabilities </li> <li>Passive discovery of all internal and external web servers and databases </li> <li>Identification of trust and communication paths </li> <li>Passive monitoring of virtual environments </li> </ul>
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
November 22, 2024Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against cyberattacks.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
- SecurityCenter