SecureInfo Releases RMS 3.1 Certification & Accreditation Compliance Solution and Progresses to Dynamic Enterprise Risk Management Model

Business Wire, May 19, 2004

Business Editors/High-Tech Writers

SAN ANTONIO--(BUSINESS WIRE)--May 19, 2004

Modular Components will include Vulnerability Management & Remediation Integration, Enterprise Dashboard Reporting, Scanner Integration and Asset Management

SecureInfo Corporation, a recognized leader in delivering enterprise information security solutions, announced today, May 19, as the general availability date of RMS(TM) (Risk Management System) version 3.1. SecureInfo's market leading Certification & Accreditation (C&A) compliance solution allows the Federal Government and commercial organizations to automate policy, requirements, standards and guidelines into an approval-ready security compliance package to meet a broad range of Government security regulations and requirements.

The new functionality provided in RMS 3.1 includes:

-- Standardized, easy-to-use, MS Windows(R) look and feel

-- Professional software self-installer

-- Bundled content delivery and packaging for easy updates and

protection of local, customized content

-- FISCAP (Final version of NIST 800-37)

-- DITSCAP Air Force

-- DITSCAP Army

-- DITSCAP Navy

-- DITSCAP Marines

-- DITSCAP Joint Agencies

-- C&A package version control and change history

-- Section 508 compliance

-- Electronic DAA approval and C&A documentation storage

From Compliance to Enterprise Risk Management

Information security is rapidly evolving from an IT-centric concern to a major business issue for CIOs, CISOs and other senior executives in the Federal Government and commercial industry. These executives are faced with the impossible task of not only securing the enterprise to protect mission critical information, but also maintaining the continuity of the processes that keep the organization running. Securing the enterprise requires organizations to align security with business requirements, compliance to legislation, business partner controls and overall risk management.

To meet this challenge, organizations require a solution that aggregates and correlates the many diverse domains of information security including, policy, compliance, assets, incidents, threats, vulnerabilities and configuration management. These domains must be correlated into a centralized dashboard for analysis and decision support to effectively manage security across the enterprise.

Building upon the strong base provided by RMS 3.1, SecureInfo will be introducing a suite of RMS modules, which can be purchased separately and easily integrated with the core product. These modules are being designed to address the top priorities affecting comprehensive enterprise risk management, including:

-- Vulnerability management

-- Network scanner integration

-- Weighted risk management

-- Enterprise-wide dashboard reporting and alerting

-- Asset management.

"SecureInfo's enterprise risk management solutions are being designed to address the challenges caused by disparate security point products that make enterprise security management more difficult than it already is," stated Steve Kiser, President and CEO of SecureInfo Corporation. "RMS 3.1 is the foundation for an automated decision support solution which provides organization with centralized regulatory compliance, vulnerability and configuration management and enterprise security operations management and control."

Earlier this year, SecureInfo announced it had signed an agreement with the SANS Institute (the world leader in information security training) whereby SANS will offer a DITSCAP (Defense Information Technology Security Certification and Accreditation Process) Bootcamp, which is based on the content and automated use of SecureInfo's RMS 3.1 product. The DITSCAP course is specifically designed for Information System Security Officers, Information System Security Managers, Designated Approval Authorities and all security personnel who maintain the Certification and Accreditation (C&A) of systems within the United States Army, Navy, Air Force and Marines. This course will be offered at SANS locations across the United States.

Availability

RMS is available on the GSA schedule (GS-35F-0292K) and DoD BPA (Enterprise Software Initiative) schedule (W9128Z-04-A-0002) and is sold as a perpetual license. The pricing scheme is based on the number of named users in an enterprise that have access to the software application. Software licensing also includes regulatory content bundles specific to an enterprise (i.e., Air Force - Public Law, OMB, FIPS/NIST, DoD, Air Force).

About SecureInfo Corporation

Securing the largest networks in the world since 1992, SecureInfo delivers solutions that simplify and automate security compliance, vulnerability management and enterprise security operations. SecureInfo currently supports over 750,000 users across the globe and continues to innovate its solutions suite by providing a framework that integrates compliance, vulnerability and policy management with enterprise cyber security operations. SecureInfo's solution suite enables clients to centrally manage enterprise risk by leveraging their existing technologies across a single platform. SecureInfo, an Inc. 500 Corporation, is recognized as one of the top 10 providers of Information Security Solutions to the Federal Government. Additional information is available at www.secureinfo.com.