G O V E R N M E N T X S E C T O R

NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).

NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD supports the Information Security Automation Program (ISAP).

http://nvd.nist.gov/

Security Content Automation Protocol Validated Products

The U.S. Office of Management and Budget has required, in a memorandum to Federal CIOs, that "Information technology providers must use S-CAP validated tools, as they become available, to certify their products do not alter these configurations, and agencies must use these tools when monitoring use of these configurations."

http://nvd.nist.gov/scapproducts.cfm

The National Cyber Alert System was created to provide access to timely information about security topics and threats, as well as useful security tips.

http://www.us-cert.gov/cas/tips/

See also Quick Links 3, a collection of resources focused on government agencies and related organizations.

 

 

A cyber security breach at a U.S. government agency can literally place the nation’s national security at risk, especially in classified national security systems. Protection is needed against both external and “insider threats” on Microsoft platforms within government agencies.  The U.S. Government has very specific and strong interest in protection against “insider threats.”