SecureFusion Receives NIST Validation
	SCAP Overview
	Methodology
	Asset Discovery
	Vulnerability Management
	Configuration Management
	Policy Management
	External Perimeter Monitoring Service
	SecureFusion Portal
	Watch our Video
	Request a Live Demo
	Contact Us

SCAP Compatible Compliance Scanning

As a validated SCAP platform, SecureFusion has received the following SCAP validations from the National Institute of Standards and Technology (NIST):

http://nvd.nist.gov/validation_gideon.cfm

The SecureFusion™ software suite is a compliance framework tool that helps you measure progress against standards in an automated, SCAP-validated and 100 percent agent-less way.

SecureFusion can discover every asset connected to your network, scan the appropriate assets for compliance with federal standards, and provide a centralized portal for continuous measurement and reporting. For most agencies, SecureFusion can accomplish all this in less than 48 hours!

Measure FDCC Compliance Quickly and Easily

Using the SCAP protocol, SecureFusion will automatically perform configuration checks on the systems required to implement the Federal Desktop Core Configuration (FDCC) standard. FDCC is currently an OMB-mandated security configuration for Microsoft Windows Vista and XP operating system software, although the stated intent is to include more platforms in the future. With SecureFusion, you can measure FDCC compliance enterprise-wide, without the complex deployment of agents. Navigating between summary reporting and executive dashboards to specific, descriptive and granular reports takes just three clicks in the SecureFusion Portal.

How does it work?

SCAP compatibility

SecureFusion uses the Secure Content Automation Protocol (SCAP) to enable automated asset discovery, vulnerability and configuration management, and policy compliance evaluation in accordance with Federal standards.

Integrated risk and compliance scanning

SecureFusion integrates four critical SCAP-validated functions, including:

• SecureFusion Asset Discovery – rapidly discovers and inventories all networks and network assets, including managed and unmanaged devices. 
• SecureFusion Configuration Management– maintains an accurate inventory of system configurations, including technical controls, software, user accounts and system changes.
• SecureFusion Vulnerability Management –conducts ongoing management of third party vulnerability scanners like Nessus®. Integrates the vulnerability detection and reporting for operating systems, infrastructure, network applications and databases.
• SecureFusion Policy Management – continuously evaluates system configuration and compliance with standards and policies.

Streamlined measurement and reporting

• The SecureFusion Portal controls all scanning functions to enable a streamlined, automated and end-to-end measurement process—from asset discovery to reporting and workflow.

SecureFusion automatically measures IT security and compliance against:

• Federal Information Security Management Act (FISMA)
• Federal Desktop Core Configuration (FDCC)
• Certification and Accreditation (C&A)
• National Institute of Standards and Technology (NIST) 800 Series

Achieve Compliance Quickly and Easily

We understand that measurement of FDCC compliance and NIST 800 standards are top priorities for government agencies. We can help you understand your current state, report on your compliance, and measure your progress towards remediation quickly, easily and continuously.

Government agencies will find SecureFusion listed as a SCAP-validated tool under the Compliance Framework, Network Framework and Vulnerability/Configuration Scanners categories on the National Vulnerability Database Web site.

Learn More

To learn how SecureFusion can benefit your IT environment, watch our product video.