Xacta updates risk management app

Xacta Corp. has rolled out updates to its risk management software, making it easier for officials in federal agencies to maintain and document the state of their information security environment and practices.

The company on Wednesday unveiled Service Pack 2 for Xacta Web certification and accreditation and Xacta Commerce Trust software. The software helps agencies manage their network security risk while documenting security processes in compliance with regulatory requirements such as the Federal Information Security Management Act of 2002 and government requirements such as the National Information Assurance Certification and Accreditation Process. FISMA requires agencies to apply risk management techniques to make their systems more secure.

Service Pack 2 enhancements allow Plan of Action and Milestones reports to be generated and comply with FISMA requirements. The new version also automates the generation of the agency-level security performance report required quarterly by the Office of Management and Budget. The summary report identifies each agency's total number of systems and how many have completed the certification and accreditation processes and other security objectives.

Large government agencies generally have information systems scattered across the country and information technology personnel in each location working to certify the systems for which they are responsible, said Rick Tracy, senior vice president at Xacta. Compiling the certification and accreditation information from all of these locations and putting it into a report has been a manual, time-consuming task, which Xacta has now automated, he said.

"The person [in a federal agency] responsible for answering to OMB has everything at [their] finger tips," Tracy said.

As part of Service Pack 2, users receive Xacta Detect vulnerability scanner plug-ins through Xacta Active Update, a periodic update of Xacta's knowledge database. Xacta Detect scans for the most recently identified security vulnerabilities. Additionally, Service Pack 2 includes the SANS Institute's Top 20 Internet Security Vulnerabilities information. The update also provides new content for Army Regulation 25-2 and Air Force Instruction 33-202, which provide guidelines for information security practices for the two services.

Featured

  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.