Red Hat openSCAP certified under NIST SCAP 1.22014-04-29
Austin, TX – atsec information security congratulates Red Hat on the announcement of the certification of Red Hat’s openSCAP under the National Institute of Standards and Technology’s (NIST) Security Content Automation Protocol (SCAP) 1.2 in the Authenticated Configuration Scanner category.
atsec information security performed the independent testing as an accredited laboratory under the NVLAP (National Voluntary Laboratory Accreditation Program).
This is one of the first products to be certified using version 1.2 of the SCAP standards, which combines a number of open standards used to enumerate software flaws and configuration issues related to security.
The SCAP Validation Program is designed to test a product’s ability to use the features and functionality available through SCAP and its component standards, which is a key part of the Information Security Automation Program (ISAP), a U.S. government initiative to enable automation and standardization of technical security operations.
Validation in the Authenticated Configuration Scanner category addresses the capability of an application to audit and assess a target system to determine its compliance with a defined set of configuration requirements using target system logon privileges.
- The certificate on the NIST website
- Red Hat press release
- More about atsec’s service offerings for SCAP
atsec information security (www.atsec.com) is a group of independent standards-based information technology security services companies with offices in the U.S., Germany, Sweden, China and Thailand. atsec's services include formal laboratory testing and evaluation of information assurance (IA) and IA-enabled commercial off the shelf (COTS) information technology, as well as information security consultancy. atsec works with any company, regardless of size or locale, which is serious about IT security.