August 19, 2010

EventTracker becomes the only SIEM/Log Management solution to automate configuration assessment against the FDCC standard to help government agencies meet compliance objectives

Columbia, MD – Prism Microsystems, the leader in comprehensive SIEM solutions that improve security, simplify compliance and optimize IT operations, today announced that EventTracker has earned the coveted Security Content Automation Protocol (SCAP) validation from the National Institute of Standards and Technology (NIST) in accordance with the Federal Desktop Core Configuration (FDCC) security mandate for all federal agencies.

The FDCC is a set of operating system configurations recommended by NIST for computing systems connected to the network of a United States government agency. In 2007, the U.S. Office of Management and Budget (OMB) issued a memorandum directing all federal organizations to adopt FDCC best practice recommendations for Microsoft XP and Vista desktops. In addition, these organizations must utilize NIST SCAP-validated tools to verify and then continuously monitor their desktop configurations for compliance.

As the only SCAP-validated SIEM/Log Management product on the market, EventTracker streamlines the entire FDCC scanning process and helps federal agencies reduce the time and resources needed to ensure compliance with regulations. Customers gain an integrated configuration management module that automates the accurate assessment of policy checklists and utilizes granular change detection to identify when an endpoint or server is out of compliance. Assessments can be ad-hoc or scheduled to execute daily, enabling compliance to be managed on a continuous basis.

“Over the past 10 years, we have been helping government organizations protect their critical infrastructures and data from adversaries, as mandated by multiple regulations including FISMA/ NISPOM and the emerging CyberScope requirements. With SCAP-validation, the federal community can confidently maintain and extend their investment in EventTracker with even greater confidence in its ability to quickly identify risks and vulnerabilities, and simplify compliance reporting,” said A.N. Ananth, CEO, Prism Microsystems.

“Beyond compliance, EventTracker also uniquely helps federal agencies further enhance the security of their desktop environments with advanced USB monitoring capabilities that protect against the very real and potentially costly threats posed by insiders,” added Ananth.

NIST has validated EventTracker as an Authenticated Configuration Scanner and Authenticated Patch and Vulnerability Scanner. When assessing system security, vulnerability, and configuration posture, EventTracker utilizes information from XCCDF (Extensible Configuration Checklist Description Format), OVAL (Open Vulnerability Assessment Language), CVE (Common Vulnerability Enumeration) and over 30 checklists originating from multiple sources including the National Checklist Program (NCP), NIST, DISA STIGS or those defined internally by the end-user.

About Prism Microsystems

Prism Microsystems delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Prism’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.

Visit for more information. Follow us on Twitter @logtalk.