Qualys intros cloud-based software for FDCC compliance

Module helps feds validate desktop configurations

Qualys has introduced the QualysGuard FDCC module, cloud-based software designed to help federal agencies comply with the Federal Desktop Core Configuration. The Office of Management and Budget has mandated that federal agencies standardize their existing Windows XP and Windows Vista desktops according to FDCC specifications.

The module has been validated by the National Institute of Standards and Technology as conforming to the Security Content Automation Protocol, Qualys representatives said. It uses the QualysGuard Software-as-a-Service architecture to help federal agencies scan and report compliance of their desktops with FDCC regulations.


NIST's FDCC guidelines

NIST’s Security Content Automation Protocol guidelines

We're waiting on the FDCC, see?

QualysGuard FDCC lets agency IT departments support SCAP content for Windows XP, Windows XP Firewall, Windows Vista, Windows Vista Firewall and Internet Explorer 7, the company said. It also helps federal agencies certify compliance with FDCC requirements by providing detailed reports that include technical analysis of compliance and executive-level summaries.

“FDCC compliance is a daunting task for government agencies as it requires a thorough analysis of all Windows Vista and Windows XP environments across their entire agency,” said Philippe Courtot, chairman and CEO of Qualys.

The QualysGuard FDCC module annual subscription for federal agencies starts at $1,995 with additional licensing per IP.

More information: www.qualys.com.

About the Author

Trudy Walsh is a senior writer for GCN.


  • automated processes (Nikolay Klimenko/Shutterstock.com)

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected