Elemental Security, Inc., the award-winning pioneer of new technology in enterprise information security, today announced that its Elemental Security Platform (ESP) v2.0 has been certified by the Center for Internet Security (CIS) for computing platforms supported by the latest release of Elemental’s policy and risk management product. In addition, ESP v2.0 is the industry’s first product to complete the CIS’ rigorous certification process for the IBM UNIX (AIX) and Sun Solaris 10 platforms.
The CIS Benchmark is a set of technical standards that draws upon best practices published by The SANS Institute, the National Security Agency (NSA), the National Institute of Standards and Technology (NIST), and the U.S. Defense Information Systems Agency (DISA), as well as consensus guidance from CIS members and users. The CIS Certification program is distinguished from other IT certifications because CIS certified vendor tools support the consensus best practices movement. CIS strategic partnerships with AICPA, IIA and ISACA are advancing the science of security auditing to include measurement of configuration management outcomes.
“With the constant proliferation of system threats and computer vulnerabilities, enterprises need to take a proactive stance to minimize security risks by ensuring that all systems are in compliance with their implemented system security compliance policies,” said CIS President and CEO Clint Kreitner. “This CIS Certification assures Elemental customers that ESP v2.0 accurately and thoroughly compares the configuration of their organizations’ computer platforms with the relevant baseline security benchmarks defined by user consensus. Elemental enables users to define their security compliance policies with the CIS benchmarks as a guide, and to constantly monitor and audit systems to ensure continued compliance with these established baselines.”
With these certifications, Elemental customers are assured that their security best practices and security benchmark policies are properly implemented in order to assure that computers are configured with the most appropriate security settings. After extensive testing, Elemental earned CIS benchmark certifications for policies for computing platforms supported by ESP, including Windows 2000, 2000 Pro, and 2000 Server; Windows 2003 Domain Member Server and Domain Controller 2003; Windows XP; UNIX versions of IBM (AIX) and Hewlett-Packard (HP-UX); Red Hat Enterprise Linux; and Sun Solaris.
“The CIS Benchmarks are widely accepted, user-originated standards that help companies satisfy the configuration and compliance requirements for today’s most popular computing platforms,” said Elemental Chief Marketing Officer Roy Agostino. “We are pleased to earn these certifications, to assure that the policy baselines we offer customers are in line with the high-security industry benchmarks, as defined by CIS and industry user consensus.”
In addition to CIS Benchmark policies, ESP offers an extensive suite of policies for other benchmarks, such as from the NSA, NIST and DISA; and industry best practices, including those published by Microsoft. With ESP, users can assess compliance with established full benchmarks, or can customize these policies to fit their specific environments and individual business objectives. With ESP, organizations can deploy these policies and get compliance results across the entire enterprise in minutes.
The award-winning ESP is the only security policy system built from the ground up to make the state and activity of users and computers fully transparent, enabling customers to directly translate their business objectives into specific policies for all users and systems on their networks. Elemental unifies policy management, host configuration, inventory/discovery and role-based access control in one seamlessly integrated offering. Using Elemental, security administrators can easily assess the security posture of machines and networks, and make proactive decisions about managing risk. Security policy and compliance management continue to be top priorities due to increasing frequency and severity of security breaches, and regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry (PCI) Data Security Standard, and the Health Insurance Portability and Accountability Act (HIPAA).
Elemental is an industry leader in enterprise policy and risk management. Using its award-winning Elemental Security Platform (ESP), organizations can directly translate their business objectives into specific policies for all users and systems on their networks. For the first time, enterprises can use a single product to obtain measurable and comprehensive metrics for their security policy needs and compliance requirements. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and Lehman Brothers Venture Partners. Red Herring and AlwaysOn awarded the company their Red Herring 100 and AlwaysOn 100 awards, respectively, which honor the top private companies. Elemental was also named the “Most Innovative” company at the RSA Conference 2006 and a “Private Security Company to Watch” by Red Herring. The company is headquartered in San Mateo, Calif., and has offices throughout the U.S.
Elemental and the Elemental Security Platform, among others, are trademarks or registered trademarks in the United States and certain other countries of Elemental Security, Inc. Additional company and product names may be trademarks or registered trademarks of other individual companies and are respectfully acknowledged.