VA adds to Harris security deal

Department of Veterans Affairs officials awarded a follow-on contract to Harris Corp. to help find security vulnerabilities throughout the VA's networks.

The contract, worth more than $2 million a year, provides software that helps VA officials identify vulnerabilities at every facility in the department's jurisdiction, including more than 160 hospitals nationwide. The contract is a follow-on awarded last year by the Veterans Health Administration as part of a Hewlett-Packard Co. initiative.

"All administrators use our tools to scan their network for vulnerability and remediate problems," said George Eanes, Harris' account manager for the VA contract. "Scans for vulnerabilities are found, then the administrator fixes vulnerabilities."

Under terms of the contract, Harris officials will provide the Security Threat Avoidance Technology (STAT) Scanner vulnerability assessment solution and STAT Scanner Console reporting tool for use on all VA computers nationwide.

Several agencies use the system, including the Army, Commerce Department and Social Security Administration.

The STAT Scanner is the first vulnerability scanner to achieve Common Criteria certification. This certification enables the scanner to comply with the National Information Assurance Acquisition Policy, which requires security product vendors to undergo testing and analysis to ensure their products meet strict guidelines and will not compromise national security.