eEye Digital Security's Retina Wins SCAP Certification from National Institute of Standards & Technology
03/18/2010

Retina meets NIST standards for automated vulnerability management, measurement and policy compliance.

Online PR News – 18-March-2010 – – Irvine, CA, March 18, 2010 -- eEye Digital Security (http://www.eeye.com), a provider of unified vulnerability management (http://www.eeye.com/Solutions/Business-Need/Vulnerability-Assessment.aspx?src=prw&2) and compliance solutions, today announced that its Retina vulnerability management solution has received SCAP certification from the National Institute of Standards & Technology. With this government validation, Retina now meets core NIST standards for automated vulnerability management, measurement and policy compliance. Additionally, Retina also meets Federal Desktop Core Configuration (FDCC) compliance standards on the Microsoft Windows XP Professional and Windows Vista operating systems.

The Security Content Automation Protocol (SCAP) combines a number of open standards that are used to enumerate software flaws and configuration issues related to security. The protocol measures systems to find vulnerabilities and offer methods to score those findings in order to evaluate the possible impact.

"We are very honored to receive recognition from NIST and pleased that our engineering efforts behind Retina has built a solution strong enough to meet U.S. government standards for automated vulnerability management, measurement and policy compliance," said Kevin Hickey, eEye CEO.

In brief, Retina has been validated to meet the following SCAP capabilities:

* FDCC scanning capability to audit and assess a target system to determine its compliance with FDCC requirements;
* Authenticated configuration scanning capability to audit and assess a target system to determine its compliance with a defined set of configuration requirements using target system logon privileges;
* Authenticated vulnerability and patch scanning capability to scan a target system to locate and identify the presence of known vulnerabilities and evaluate the software patch status to determine compliance with a defined patch policy using target system logon privileges;
* Unauthenticated vulnerability scanner: the capability to determine the presence of known vulnerabilities by evaluating the target system over the network.

The award-winning suite of powerful Retina security solutions identify known and zero-day vulnerabilities and provide intrusion prevention, security risk assessment and mitigation, enabling security best practices, policy enforcement and regulatory audits. Retina has the power to immediately target vulnerabilities and generate detailed reports that meet strict government-mandated compliance requirements.

eEye has been providing security technology and services to small and mid-size enterprises and to state and federal government agencies for more than 10 years.

Also announced today, eEye will debut a website devoted to government customers and end-users at http://www.eeye.com/gov

For more information on SCAP, please visit: http://scap.nist.gov and http://nvd.nist.gov/scapproducts.cfm.

About eEye Digital Security:
Founded in 1998, eEye Digital Security is a leader in vulnerability management and compliance, providing the only unified solution that integrates assessment, mitigation and protection into a complete offering. eEye enables secure and compliant computing through world-renowned research and is consistently the first to identify and protect systems from zero-day threats. eEye is a trusted advisor providing network security education; product deployment services and enterprise-wide integration.

All trademarks contained within this press release are the sole property of their respective owners and are hereby acknowledged.

Press Contact:
Victor Cruz, Principal
MediaPR.net, Inc
Irvine, CA 92617
(401) 349-3369
vcruz@mediapr.net
http://www.eeye.com