Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

VA has new security program

From: InfoSec News <isn () c4i org>
Date: Tue, 25 Nov 2003 02:05:27 -0600 (CST)
http://www.fcw.com/fcw/articles/2003/1124/web-va-11-24-03.asp

By Randall Edwards 
Nov. 24, 2003

The Department of Veterans Affairs started a proactive vulnerability
management program to provide improved cybersecurity at more than 250
facilities nationwide.

Hercules, an automated vulnerability remediation solution offered by
Citadel Security Software Inc., is a critical component in a strategy
that includes Harris Corp.'s Security Threat Avoidance Technology
(STAT) Scanner program as well as a hardware platform provided by
Hewlett-Packard Co.

The STAT Scanner probes the network and identifies possible
vulnerabilities. Hercules has vulnerability assessment tools for a
wide variety of platforms and allows VA personnel to review data from
multiple sources before deploying a vulnerability fix.

The arrangement covers 235,000 workstations and servers in the
department's network.

VA system administrators can deploy customized solutions for software
defects, misconfigurations, unsecured user accounts, unnecessary
services and backdoors.

The new strategy will provide more frequent security assessments,
reducing risks and ensuring compliance with privacy regulations and
internal security standards, officials said. Potential vulnerabilities
can more easily be identified and reported to the VA's central
incident response center for centralized management.

In addition, the new service will allow individual facilities to
quickly respond to security bulletins released by the response center.

Steve Solomon, president and chief executive officer of Citadel,
labeled the VA as a government agency "on the cutting edge of
technology and security." He said the VA "is demonstrating its
commitment to protecting its critical infrastructure by consistently
maintaining the best security protection available and setting forth a
road map for other agencies to adopt the most comprehensive, effective
identification and resolution of vulnerabilities."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: