Federal

Shavlik Receives Evaluation Assurance Level 3+ of Common Criteria

Shavlik receives Evaluation Assurance Level 3+ (EAL 3+) of Common Criteria Common Criteria EAL 3+ that represents the highest security standards certification essential for any government or international sales requirement. Common Criteria is an internationally recognized set of guidelines for information technology security products used around the world. Common Criteria can apply to any security product to be used in a government agency. This rigorous standard is mutually accepted by 24 countries around the world.

Download the Common Criteria Press Release.

Common Criteria Listing: http://www.cse-cst.gc.ca/its-sti/services/cc/shavlik-v80-eng.html

SCAP Validated

The Government Edition is one of only a few Security Content Automation Protocol (SCAP) validated products that simplifies and automates both assessment and remediation. Shavlik is ONE of only FIVE vendors that have been validated for Misconfiguration Remediation. To view Shavlik’s validation on the NIST web site click here.

FDCC: First Real World Application for the SCAP Protocols

Approved FDCC Scanner

The US Federal Government, in an effort to improve the security of its computer systems as well as provide more specific requirements for agencies to adhere to FISMA (Federal Information Security Management Act), has mandated that all cabinet level agencies deploy a single Federal Desktop Core Configuration.

Shavlik provides a downloadable FDCC template that agencies can use to quickly compare configurations across a network to the configuration mandated by the FDCC. The Shavlik Security Suite not only discovers those systems non compliant with the FDCC, but can automatically bring errant systems back to compliancy.

Shavlik IAV Compliance Reporting

The Shavlik Security Suite Government Edition helps customers achieve compliance with Information Assurance Vulnerability alerts, bulletins, and technical advisories and IAV-mandated remediation deadlines. This capability provides US Department of Defense agencies with the ability to simplify and automate their operational processes for reporting their patch compliance with the Department of Defense’s IAV policies.

The Shavlik IAVA Reporter works in tandem with Shavlik NetChk Protect to provide:

1. Direct correlation of DoD-created unique IAV numbers to Microsoft QNumbers and Bulletin numbers.
2. IAV-specific reports that aggregate results filtered by selected the IAV patch group. Reports include Deployment Percentage by Patch, Detailed Summary, Machines Status by Patch Count, and Patch Status Detail.
3. Automated remediation to better ensure compliance with IAV-mandated remediation requirements and deadlines.
4. Regularly distributed data updates to ensure the latest and most thorough IAV data coverage available through the Shavlik NetChk Protect application and the Shavlik IAVA Reporter add-on.

Enterprise View of Your Systems

An intuitive IT risk and compliance solution that provides powerful and intelligent analytics to the mountain of security data generated, improving decision making about risk and the defensive measures required to eliminate exploitable vulnerabilities. It places critical security information at your fingertips, giving you the visibility and intelligence you need to act with confidence.