Xacta® IA Manager Key Features

xacta_ia_manager_internal  Request for a product demo

Xacta IA Manager’s risk and compliance management features enable:

Xacta supports the key features of NIST's Risk Management Framework (click to enlarge)Implementation Priority: In support of NIST 800-53 Revision 4, “Recommended Security Controls for Federal Information Systems and Organizations”

Continuous Monitoring: Streamlines processes for continuous monitoring and security risk assessment.

Extensible Publishing: Fast and easy modification of existing templates and simpler creation of new ones; includes a complete array of standard templates for RMF for DoD IT documentation

Controls Inheritance: Allows common security controls to be inherited across systems for operations in the relevant hierarchy branch to reduce the complexity and cost of security administration

Privacy Impact Assessments (PIA): Supports production of privacy impact assessments (PIA) in keeping with federal guidelines

Reference Relationships: Establishes reference-extension relationships between projects to ensure accurate configuration notifications and reporting for “type-accredited” systems protections

Asset Awareness and Inventory:
Capture and report on a rich collection of demographic information regarding each IP device — asset inventory, physical location and ownership information, operating system configuration data, and hardware and software inventory

Security Configuration Scanning: Continuously check on the status of your systems to ensure they’re optimized for greatest security

Security Requirements Evaluation: Relate IT asset data to an extensive set of security requirements that are provided with the Xacta IA Manager knowledge base

Publishing and Reporting: Automatically generate the documentation needed to report on and comply with the leading compliance regulations, including RMF for DoD IT, NIST, CNSS, FISMA, ISO 27002, HIPAA, and GLBA

USGCB/ SCAP: Simplify asset configuration compliance auditing to ensure compliance with United States Government Configuration Baseline (USGCB) checklists for Windows platform scanner capability; continuously scan endpoint systems for patches and vulnerabilities by leveraging Security Content Automation Protocol (SCAP) content

Continuous Risk and Compliance Assessment: Continuously assesses risk and compliance as an on-going business process as specified in standards such as RMF for DoD IT, NIST 800-37 (Risk Management Framework), and NIST 800-137 (Continuous Monitoring)

Vulnerability Risk and Compliance Reporting: Xacta IA Manager allows you to determine compliance and risk posture as it relates to vulnerabilities by comparing vulnerability information to your asset information and determining which assets are susceptible

Adaptive Mapping: Dynamically maps the content from various vulnerability schemas to the relevant controls in a relationship model;automatically detects and plots the points of intersection among vulnerabilities, controls, and assets 

Cascading Analytics: Captures the analysis performed on an asset and adaptively cascade the analysis to all other related assets and tests across your environment until all assets are analyzed 

Compliance Management: Streamlines assessments and reporting on compliance through automated surveys and questionnaires 

Vendor Risk Assessment: Helps you identify suitable vendors with pre-defined or custom-built questionnaires to protect against failures in partner security 

Survey Management: Uses NIST-defined Open Checklist Interactive Language (OCIL) schema to gather qualitative data for compliance and other requirements