Shavlik Technologies, a provider of security and compliance readiness software, announced that NASA has included its security products under the Solutions for Enterprise-Wide Procurement (SEWP IV) Program.

 

Thanks to this multi-year contract, Shavlik’s full security solution suite will be available to Federal government customers who need to fully comply with Federal Information Security Management Act of 2002 (FISMA) reporting requirements.

 

Using the Security Content Automation Protocol (SCAP), Shavlik’s Security Suite — which includes NetChk Protect for vulnerability management, and NetChk Compliance for security configuration management — simplifies and automates vulnerability management, measurement, and policy compliance evaluations.

 

"Shavlik's security solution suite is ideal for Federal Government users who are concerned about both security and compliance requirements," said Todd Rogers, Director of Federal Sales, Shavlik Technologies.

 

Rogers continued: "This NASA SEWP IV Contract provides the ability to quickly and easily respond to the needs of our current customers such as The State Department, US Army, US Air Force, Department of Interior, Department of State, Department of Education, and Department of Justice, and extend our reach to new customers in the Federal Government space."

 

A yearly audit of government agency’s IT controls is mandated by The Federal Information Security Management Act (FISMA) of 2002, which was recently modified and now require additionally a proof of compliance with specific system configurations as defined by the National Institute of Standards and Technology (NIST) and referred to as the Federal Desktop Core Configuration, or FDCC. All government agencies are required to submit the implementation status report to NIST and OMB by March 31.

 

Shavlik Security Suite helps government agencies in meeting these reporting requirements through customized reports and templates. For example, Shavlik has a FDCC policy template that agencies can download from Shavlik’s Web site to compare existing policies and configurations against the NIST standards. This helps agencies to generate and distribute approved system baseline configurations and security policies efficiently, and then prove compliance with those policies within the tight deadlines.

 

Shavlik is providing its technology to more than 20 security and technology companies including companies like BMC, Juniper, Sophos, Symantec (News - Alert) and VMware.