Meeting FISMA Guidelines

As an IT security professional working for a U.S. federal government agency or organization, meeting FISMA’s mandatory set of processes for securing all information systems is a top priority. Understanding what software is in your environment (situational awareness) and being able to control what those applications can and cannot do is critical to achieving these regulations. CoreTrace knows your concerns. Led by longtime security professionals with experience in critical government agencies such as the Department of Defense (DoD) and the Air Force Information Warfare Center (AFIWC), CoreTrace will help you meet these requirements by providing full environmental awareness and control over your applications.

Our application whitelisting solution was specifically designed to stop the execution of any malicious code intended to compromise the security and performance of your sensitive systems without compromising the effectiveness or efficiency of your IT staff. Bouncer was designed for real users like yourself to meet guidelines, offer unmatched security, provide intuitive management, and manage change your organization needs to meet its business objectives.

FISMA Requires You to Respond to Threats and Control Risk

If you governed by FISMA security protocols, we know you are evaluating the best way to:

• Minimize your risk of malicious, illegal, and unauthorized software
• Decrease your vulnerability to cyber attacks
• Quickly respond to threats and control risk
• Improve your FISMA grade

SANS Consensus Audit Guidelines

The related SANS Consensus Audit Guidelines (CAG)identify application whitelisting as a best practice for achieving and maintaining FISMA compliance. Our Bouncer whitelisting solution is designed to help you comply with these security guidelines and protect your information by preventing the execution of all unauthorized applications. In doing so, Bouncer helps you:

• Prevent targeted cyber attacks, including sophisticated ones such as memory exploits, rootkits, and custom malware built to exploit your users and environment
• Protect the performance, availability, and reliability of your systems
• Meet requirements for change control, malware prevention, vulnerability patching and incident reporting
• Reduce the number and frequency of security patch implementations
• Report all unauthorized application execution attempts
• Automatically update the whitelist for authorized changes such as new applications and upgrades