Prism Microsystems engages SAIC to perform NIST SCAP testing under the FDCC category

Columbia MD – Prism Microsystems, the leader in comprehensive SIEM solutions that improve security, simplify compliance and optimize IT operations, today announced that it has engaged SAIC to perform SCAP testing of its EventTracker product suite under the stringent Federal Desktop Core Configuration (FDCC) Scanning category. The testing will be conducted under the auspices of the National Institute of Standards and Technology (NIST).

The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). It is a suite of open standards used to enumerate software flaws and configuration issues related to security. The protocol measures systems to find vulnerabilities and offers methods to score those findings to evaluate possible impact.

One application of SCAP is the Federal Desktop Core Configuration or FDCC, which is a list of security settings recommended by NIST for computing systems connected to the network of a United States government agency. In 2007, the U.S. Office of Management and Budget (OMB) mandated that all government organizations adopt FDCC best practice recommendations for Microsoft XP and Vista desktops and laptops, and utilize SCAP-validated tools to verify and then continuously monitor their desktop configurations for compliance.

“We continue to devote substantial research and development resources to ensure that our suite of products are inherently secure and meet the highest standards relevant to our installed base,” said Steve Lafferty, VP of Marketing at Prism Microsystems. “For our large number of federal government customers, testing with SAIC will provide critical third-party validation of EventTracker’s ability to provide continuous monitoring against the FDCC standard in order to mitigate security threats associated with mis-configured endpoints.”

About Prism Microsystems

Prism Microsystems delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Prism’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.

Visit for more information. Follow us on Twitter @logtalk.