atsec information security Completes SCAP Testing for Microsoft System Center Configuration Manager

AUSTIN, Texas--(Business Wire)--
atsec performed the FDCC Scanner validation testing for Microsoft System Center
Configuration Manager 2007 Extensions for SCAP under the current SCAP standard. 

"Microsoft recognizes the importance of supporting industry standards. For our
public sector and government customers, it is important to add support for
SCAP-compliant reporting formats. System Center Configuration Manager 2007
provides a strong collection of core functionalities for hardware and software
inventory, as well as robust reporting services and the ability to define,
deploy, and measure configuration baselines in a managed environment. By adding
the SCAP reporting format support to System Center Configuration Manager,
organizations can meet FDCC mandates for compliance reporting," said Jeff
Wettlaufer, technical product manager, System Center marketing at Microsoft
Corp. 

The Microsoft team worked diligently to meet the complex requirements of the
FDCC (Federal Desktop Core Configuration) scanning tool. The System Center
Configuration Manager Extensions for SCAP is an add-on to System Center
Configuration Manager. 

Steve Weingart, who leads the testing effort for atsec, comments: "Working with
the Microsoft development team was a great experience. At each step the
Microsoft team spared no effort to ensure that the tool met the long and complex
list of NIST SCAP requirements. The best part about the tool is that it is
integrated into the Windows Server environment making it extremely easy to map
mixed Windows XP and Windows Vista systems in a domain to the appropriate SCAP
configuration for each. In addition, report management from either the client or
the server is easy." 

The Information Security Automation Program/Security Content Automation Protocol
(SCAP) is a U.S. government initiative to enable automation and standardization
of technical security operations. atsec information security is an accredited
validation laboratory under NVLAP (National Voluntary Laboratory Accreditation
Program). 

For more information on the product, please refer to
http://www.microsoft.com/systemcenter/configurationmanager/en/us/default.aspx. 

About atsec information security

atsec information security is an independent, standards-based information
technology security services company that combines a business-oriented approach
to information security with in-depth technical knowledge and global experience.
atsec was founded in Munich, Germany in 2000 and has extensive international
operations with offices in the U.S., Germany, Sweden, and China. 

atsec offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration
testing and scanning services as well as being a QSA and ASV. 

atsec also offers evaluation and testing services leading to formal
certification for IT security including evaluation under Common Criteria schemes
in the U.S., Germany, and Sweden; cryptographic module and algorithm testing
under the Cryptographic Module Validation Program of the National Institute of
Standards and Technology (NIST) in the U.S. and Communications Security
Establishment Canada (CSEC) in Canada. 

Atsec works with such leading global companies as IBM, Apple, Microsoft,
Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and
Wincor-Nixdorf.

atsec information security
Andreas Fabis, 512-615-7317
Marketing Director
fabis@atsec.com

Copyright Business Wire 2009