The United States government passed the Federal Information Security Management Act in 2002, which requires federal agencies to provide reports on their information systems. The National Institute of Standards and Technology has published Special Publication 800-53, which further details the requirements that federal agencies must meet regarding their information systems. SP 800-53 groups these requirements into 18 securtiy categories as follows:
  • Risk Assessment
  • Access Control
  • Awareness and Training
  • Audit and Accountability
  • Security Assessment and Authorization
  • Configuration Management
  • Contingency Planning
  • Identification and Authentication
  • Incident Response
  • Maintenance
  • Media Protection
  • Physical and Environmental Protection
  • Planning
  • Personnel Security
  • System and Services Acquisition
  • System and Communication Protection
  • System and Information Integrity
  • Program Management
BeyondTrust provides a variety of software solutions that meet these requirements. Retina is a platform that provides centralized control over a suite of applications which perform vulnerability management and other functions related to system security.