A leading global security management company formed by the combination of PatchLink® Corporation and SecureWave® S.A., Lumension Security™, Inc., announced today that the company's vice president of federal solutions, Steve Antone, will lead a speaking session at the Federal Information Security Conference (FISC), July 1-2, 2008 in Colorado Springs, Colo. The session, entitled "SCAP - Security Content Automation Protocol," will examine the Security Content Automation Protocol (SCAP), a standards-based technology for automating vulnerability and configuration management, measurement and policy compliance checking. SCAP has been adopted by many IT security vendors and is now mandated for use within U.S. federal agencies.

Across the IT community, security compliance continues to be an important issue, and the federal government is no exception: As of February 1, 2008 all agencies must comply with the Office of Management and Budget's (OMB) mandate requiring them to use technologies that are verified as compliant with SCAP in accordance with Federal Desktop Core Configuration (FDCC) mandates.

Antone will discuss, in this speaking session, the security and operational advantages of SCAP along with the challenges of implementing the capability. Antone, who has first hand knowledge of many agency implementation plans, will provide insight on how agencies can be successful and avoid common pitfalls.

Antone declared: "SCAP and the FDCC mandates are driven by the need to improve security at the endpoint. There are tens of thousands of different configurations of laptops and desktops used throughout the federal government, and by default, this means that there are going to be an exponential number of vulnerabilities or attack vectors at the endpoint."