The United States Government Configuration Baseline - USGCB and FDCC Configuration Baselines
The USGCB supersedes the original FDCC and provides recommended configuration build-standards primarily to safeguard security. The security checklists formulated are published in the National Vulnerability Database (see http://web.nvd.nist.gov/view/ncp/repository)
“The purpose of the United States Government Configuration Baseline (USGCB) initiative is to create security configuration baselines for Information Technology products widely deployed across the federal agencies. The USGCB baseline evolved from the Federal Desktop Core Configuration mandate. The USGCB is a Federal government-wide initiative that provides guidance to agencies on what should be done to improve and maintain an effective configuration settings focusing primarily on security” source http://usgcb.nist.gov/
Importantly the USGCB is always positioned as a recommendation for security settings but that each Agency is invited to implement a build standard with security settings that go beyond the USGCB. NNT Change Tracker Enterprise can directly utilize the OVAL and SCAP content from the NVD, providing an easy to use and highly affordable means to automatically audit devices for compliance with USGCB build standards. Reporting and monitoring templates are simple to modify where extended build standard requirements need to be incorporated.
Better still, Change Tracker will then continuously operate NIST 800-53 controls for ‘Software, Firmware and Information Integrity’, and ‘Configuration Management Policy and Procedures’. In addition, NNT Change Tracker is one of only a few products that have been Certified by the Center For Internet security for reliably and accurately auditing CIS Benchmark checklists.
- 2 Million Michigan State Employees PII Exposed
- US Department of Defense Announces Launch of ‘Hack the Pentagon’ Bug Bounty Program
- U.S. Government Introduces New ‘National Background Investigation Bureau’
- Tim Cook Lashes Out During Meeting With US Government Over Encryption
- White House Officials Meet with Tech Giants to Discuss Fighting Terror
- All Compliance FDCC-USGCB blog posts
- Before you chew through Compliance, consider trying the CIS Controls
- Understanding the Essential Elements of a SecureOps Strategy
- What Will You Choose – Big Brand or the Most Intelligent FIM & Change Control Solution on the Market?
- Why Isn’t There A Remediation Button within Change Tracker Gen7 R2?
- How to Establish a Secure Baseline