Xacta® IA Manager Key Features

xacta_ia_manager_internal  Sign up for an online Xacta IA Manager evaluation account

Xacta IA Manager’s risk and compliance management features coupled with its process automation capabilities enable:

Xacta supports the key features of NIST's Risk Management Framework (click to enlarge)Implementation Priority: In support of NIST 800-53 Revision 4, “Recommended Security Controls for Federal Information Systems and Organizations”

Continuous Monitoring: Streamlines processes for continuous monitoring and security risk assessment.

Extensible Publishing: Fast and easy modification of existing templates and simpler creation of new ones; includes a complete array of standard templates for RMF for DoD IT documentation as well as the new CAP-IT (Certification and Accreditation Package Input Toolkit) format

Controls Inheritance: Allows common security controls to be inherited across systems for operations in the relevant hierarchy branch to reduce the complexity and cost of security administration

Privacy Impact Assessments (PIA): Supports production of privacy impact assessments (PIA) in keeping with federal guidelines

Reference Relationships: Establishes reference-extension relationships between projects to ensure accurate configuration notifications and reporting for “type-accredited” systems protections

Asset Awareness / Hardware / Software Inventory:
Capture and report on a rich collection of demographic information regarding each IP device — asset inventory, physical location and ownership information, operating system configuration data, and hardware and software inventory.

Security Configuration Scanning: Continuously check on the status of your systems to ensure they’re optimized for greatest security.

Security Requirements Evaluation: Relate IT asset data to an extensive set of security requirements that are provided with the IA Manager knowledge base.

Publishing and Reporting: Automatically generate the documentation needed to report on and comply with the leading compliance regulations, including RMF for DoD IT, NIST, CNSS, FISMA, ISO 27002, HIPAA, and GLBA.

USGCB/ SCAP: Simplify asset configuration compliance auditing to ensure compliance with United States Government Configuration Baseline (USGCB) checklists for Windows platform scanner capability; continuously scan endpoint systems for patches and vulnerabilities by leveraging Security Content Automation Protocol (SCAP) content

Continuous Risk and Compliance Assessment: The only commercially available product that is able to perform continuous risk and compliance assessment as an on-going business process as specified in standards such as RMF for DoD IT, NIST 800-37 (Risk Management Framework), and NIST 800-137 (Continuous Monitoring).

Automated Vulnerability Assessment and Management: Automate the correlation between your vast inventory of devices and the ever-increasing array of vulnerabilities encountered every day; includes manual and automated mechanisms necessary to quickly add new vulnerabilities to the Xacta IA Manager knowledge-base, integrated asset discovery utilities, and vulnerability scanning tools that are required to detect the presence of known vulnerabilities.

Automated Vulnerability Remediation: Xacta IA Manager’s process integration capabilities enable you to respond immediately to critical situations by programming vulnerabilities to automatically trigger the appropriate actions. You can alert key personnel and automate the distribution and installation of critical software patches and upgrades across the enterprise, assuring that your security posture is always current.

Vulnerability Risk and Compliance Reporting: Xacta IA Manager allows you to determine compliance and risk posture as it relates to vulnerabilities by comparing vulnerability information to your asset information and determining which assets are susceptible.