SOURCE: eEye Digital Security

eEye Digital Security

March 15, 2010 10:22 ET

eEye Digital Security's Retina Wins SCAP Certification From National Institute of Standards & Technology

Retina Meets NIST Standards for Automated Vulnerability Management, Measurement and Policy Compliance

IRVINE, CA--(Marketwire - March 15, 2010) - eEye Digital Security (, a provider of unified vulnerability management and compliance solutions, today announced that its Retina vulnerability management solution has received SCAP certification from the National Institute of Standards & Technology. With this government validation, Retina now meets core NIST standards for automated vulnerability management, measurement and policy compliance. Additionally, Retina also meets Federal Desktop Core Configuration (FDCC) compliance standards on the Microsoft Windows XP Professional and Windows Vista operating systems.

The Security Content Automation Protocol (SCAP) combines a number of open standards that are used to enumerate software flaws and configuration issues related to security. The protocol measures systems to find vulnerabilities and offer methods to score those findings in order to evaluate the possible impact.

"We are very honored to receive recognition from NIST and pleased that our engineering efforts behind Retina has built a solution strong enough to meet U.S. government standards for automated vulnerability management, measurement and policy compliance," said Kevin Hickey, eEye CEO.

In brief, Retina has been validated to meet the following SCAP capabilities:

--  FDCC scanning capability to audit and assess a target system to
    determine its compliance with FDCC requirements;
--  Authenticated configuration scanning capability to audit and assess a
    target system to determine its compliance with a defined set of
    configuration requirements using target system logon privileges;
--  Authenticated vulnerability and patch scanning capability to scan a
    target system to locate and identify the presence of known
    vulnerabilities and evaluate the software patch status to determine
    compliance with a defined patch policy using target system logon
--  Unauthenticated vulnerability scanner: the capability to determine
    the presence of known vulnerabilities by evaluating the target system
    over the network.

The award-winning suite of powerful Retina security solutions identify known and zero-day vulnerabilities and provide intrusion prevention, security risk assessment and mitigation, enabling security best practices, policy enforcement and regulatory audits. Retina has the power to immediately target vulnerabilities and generate detailed reports that meet strict government-mandated compliance requirements.

eEye has been providing security technology and services to small and mid-size enterprises and to state and federal government agencies for more than 10 years.

Also announced today, eEye will debut a website devoted to government customers and end-users at

For more information on SCAP, please visit: and

About eEye Digital Security

Founded in 1998, eEye Digital Security is a leader in vulnerability management and compliance, providing the only unified solution that integrates assessment, mitigation and protection into a complete offering. eEye enables secure and compliant computing through world-renowned research and is consistently the first to identify and protect systems from zero-day threats. eEye is a trusted advisor providing network security education; product deployment services and enterprise-wide integration.

All trademarks contained within this press release are the sole property of their respective owners and are hereby acknowledged.

Contact Information

  • Press Contact:
    Victor Cruz, MediaPR (401) 349-3369 | email:

    eEye Digital Security
    111 Theory, Suite 250
    Irvine, California 92617
    Main: 1.949.333.1900
    Fax: 1.949.333.1994