OVERLAND PARK, KS--(Marketwired - May 14, 2014) - FireMon, the leading provider of proactive security intelligence solutions, today announced that the Security Manager and Risk Analyzer elements of its Security Intelligence Platform are currently listed as "In Evaluation" for Common Criteria certification.
Administered by the National Information Assurance Partnership (NIAP), the Common Criteria Evaluation and Validation Scheme (CCEVS) represents an agreed upon standard for independent certification to ensure that IT systems and devices utilized by the federal government for national security are secure. Worldwide, 22 countries now acknowledge Common Criteria (also known as ISO international standard 15408) as the official third-party criteria for IT security procedures.
Common Criteria certification includes testing against exacting security requirements by accredited laboratories. FireMon is pursuing a rigorous validation process with the U.S.-based Leidos Common Criteria Testing Laboratory (CCTL). The Leidos CCTL, which has completed more Common Criteria evaluations than any other lab, is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP), code 200427-0.
The benefit of Common Criteria certification is compliance with the NSTISSP #11 standard, the Department of Defense 8500 directive, and 8500.1 and 8500.2 instructions. These directives require that the acquisition of all commercial-off-the-shelf (COTS) or government-off-the-shelf (GOTS) information assurance (IA) or IA-enabled information technology products that are to be used as part of a solution for DoD systems entering, processing, storing, displaying, or transmitting national security information must be Common Criteria certified.
"Investments in key technical certification programs such as Common Criteria are critical to success in the demanding federal cybersecurity market," said Frank McLallen, Accuvant's vice president, federal sales. "Participating in this program shows that FireMon is committed to the federal marketplace and dedicated to having the right people, time, and resources in place to help secure federal agency networks."
"FireMon's pursuit of Common Criteria certification is a tremendous milestone. The 'In Evaluation' status enables a majority of U.S. federal agencies to now procure FireMon solutions through multiple authorized partners and contract vehicles while the Common Criteria certification process is completed," said Al Nieves, vice president, federal solutions for FireMon. "Government agencies can now continuously monitor their networks and generate real-time, actionable information to reduce their cyber-attack surface, strengthen their security posture, and enhance their overall cyber-security readiness with unique FireMon solutions."
The FireMon Security Intelligence Platform allows federal agencies to automate security device management and vulnerability risk analysis -- two key requirements of the $6 billion DHS Continuous Diagnostics and Mitigation (CDM) program -- by quickly identifying, understanding, and managing changes in overall security posture. Unlike reactive approaches that simply log past events, Security Manager enables users to understand and fix configuration, policy, and risk exposures in real-time. Risk Analyzer offers patented risk analysis capabilities that identify and prioritize vulnerabilities on key IT assets that are reachable by adversaries, ensuring that the highest level risks are mitigated first.
FireMon is the industry leader in proactive security intelligence solutions that deliver continuous control of infrastructure, policy, and IT risk for federal agencies. The FireMon Security Intelligence Platform is a massively scalable, high-performance foundation for network risk analytics, change workflow automation, firewall rule base clean-up, compliance audit assessment, and security operations for cost reduction. For more information, visit http://www.firemon.com.