StillSecure VAM under SCAP validation

StillSecure has announced that EWA-Canada has been contracted to conduct Security Content Automation Protocol (SCAP) testing for StillSecure VAM, the company's vulnerability management system.

SCAP is a method for using standards approved by the National Institute of Standards and Technology to enable automated vulnerability management, measurement and policy compliance evaluation, such as compliance with the Federal Information Security Management Act of 2002. SCAP falls under the Information Security Automation Program, a federal multiagency initiative to enable automation and standardization of technical security operations.

VAM is an end-to-end vulnerability management system that identifies, tracks, and manages the repair of network vulnerabilities across the enterprise. SCAP certification is the latest in StillSecure's recent Federal compliance efforts for VAM, which also include Common Criteria Evaluation Assurance Level-2 and Federal Information Processing Standard 140-2.

For a list of products that are currently undergoing SCAP testing, click here.

About the Author

Trudy Walsh is a senior writer for GCN.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected