ASHBURN, Va. - Xacta Corporation, a leading supplier of information security risk management solutions to the Federal government and private sector, today announced that the company has been accepted into the formal evaluation phase of the Common Criteria testing process for Xacta Web C&A™, the company's flagship software offering for the government. CygnaCom Solutions is conducting the Evaluation Assurance Level 2 (EAL2) testing efforts for Xacta Web C&A in its Security Evaluation Laboratory (SEL). Cygnacom Solutions' Common Criteria Testing Laboratory (CCTL) is accredited by the National Voluntary Laboratory Assessment Program (NVLAP) and approved by the National Information Assurance Partnership (NIAP). The CygnaCom SEL performs Common Criteria evaluations in accordance with the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS).
Xacta Web C&A is the first risk management and regulatory compliance product to initiate the Common Criteria evaluation process. Xacta Web C&A automates information security risk assessment and the Certification & Accreditation (C&A) processes for Federal agencies in compliance with Federal Information Security Management Act (FISMA) requirements, as well as numerous other agency- and department-specific security requirements.
Xacta has submitted Xacta Web C&A for Common Criteria evaluation in compliance with the National Security Telecommunications and Information Systems Security Policy (NSTISSP) No. 11 regulation that requires security-related products integrated within national security systems to be subjected to a standardized evaluation process. Affected government acquisition efforts cannot receive a blanket waiver from this requirement; deferred compliance authorizations can be issued only on a case-by-case basis.
"Per NSTISSP 11, government agencies are showing a preference for security products that have already been evaluated or are in the process of NIAP CCEVS evaluation," said Bob Marino, executive vice president and chief sales and marketing officer, Telos Corporation. "Xacta's information security risk assessment offering is used extensively throughout the Federal government, including within the Department of Defense and intelligence agencies. By having our software undergo Common Criteria evaluation, agencies with the most stringent security requirements know that they have access to a risk assessment and regulatory compliance product that meets international security assurance requirements."
"Common Criteria testing provides third party review of a product's security functions against specified Common Criteria requirements," said Kris Rogers, the CygnaCom SEL director. "Before NIAP will award CCEVS certification to Xacta for Xacta Web C&A, the SEL will conduct extensive testing - and NIAP validators will perform their own oversight of our evaluation and methods to check that the certification results are valid. The Common Criteria is an international standard (ISO 15408) for Information Technology Security Evaluation, and Common Criteria evaluations performed under the NIAP scheme are recognized in 19 nations."
"Xacta is committed to providing software that meets the government's highest security standards," said Rick Tracy, senior vice president, Xacta Corporation. "Xacta Web C&A customers throughout the government depend upon the software's powerful continuous risk assessment capabilities. By initiating the formal Common Criteria evaluation process and being willing to put our products to the test, we commit to customers that we take their security as seriously as they do. NIAP certification remains an important benchmark for software buyers to feel confident that the software they purchase can deliver as promised."
About Xacta
Xacta, a wholly-owned subsidiary of Telos Corporation, markets and sells government-validated security management solutions to the public sector, financial services institutions, and the healthcare industry. For more information, visit www.xacta.com.
"Telos" is a registered trademark of Telos Corporation, and "Xacta" is a registered trademark of Xacta Corporation. All other product, service, and company names are trademarks or registered trademarks of their respective holders.
For more information about this press release please contact us.
Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. Entrust is a registered trademark of Entrust Limited in Canada. All other Entrust product names and service names are trademarks or registered trademarks of Entrust, Inc or Entrust Limited. All other company and product names are trademarks or registered trademarks of their respective owners.