January 26, 2005

NetIQ Vulnerability Manager Certified by Center for Internet Security

Certification helps customers automate IT policy compliance

Press Release


In an effort to automate IT policy and regulatory compliance, NetIQ Corp. (Nasdaq: NTIQ), a leading provider of Systems & Security Management and Web Analytics solutions, today announced that NetIQ Vulnerability Manager™ 5.0 has been certified against the Center for Internet Security (CIS) Level 1 Benchmark for Windows 2000 operating systems.

"Our customers are using CIS benchmarks to aid in compliance with regulations, like Sarbanes-Oxley," said Greg Davoll, group product manager at NetIQ. "Given the prevalence of Microsoft Windows 2000 within our customer base, the Windows 2000 benchmark was a priority for us. We will continue to follow our customers lead in order to provide a solid basis for security configuration management across other key Windows and non-Windows platforms."

With the CIS certification, NetIQ Vulnerability Manager customers can now accelerate their Windows compliance efforts based on a leading, credible source for industry best practices. The CIS Level 1 Benchmark for Windows 2000 is a technical standard that draws upon best practices published by The SANS Institute, the National Security Agency, the National Institute of Standards and Technology, and the United States Defense Information Systems Agency, as well as consensus guidance from CIS members and users from both the public and private sectors.

The CIS Certification program is distinguished from other IT certifications because CIS Certified vendor tools support the consensus best practices movement. CIS strategic partnerships with AICPA, IIA and ISACA are advancing the science of security auditing to include measurement of configuration management outcomes.

"CIS works with end users and software vendors, facilitating a consensus building process that defines security benchmarks for minimum baseline and best practice configuration. The benchmarks are widely accepted, user-originated standards that help companies satisfy the configuration requirements imposed by federal regulations such as SOX, GLBA, and HIPAA," said Bert Miuccio, vice president of CIS. "NetIQ Vulnerability Manager can help companies securely configure and periodically audit Windows 2000 systems for compliance with the Level 1 Benchmark."

NetIQ is a charter member of CIS, which was formed in October 2000 to develop consensus-based IT technical standards and to certify products to advance widespread adoption of security benchmarks for security configuration management.

About NetIQ Vulnerability Manager

NetIQ Vulnerability Manager provides a broad, fully integrated solution to optimize vulnerability management, including: vulnerability notification and advisory; policy compliance and auditing; vulnerability scanning; and patch management.

About NetIQ

NetIQ Corp. (Nasdaq: NTIQ) is a leading provider of Systems & Security Management and Web Analytics solutions. In addition to managing Windows-based applications, NetIQ delivers cross-platform solutions that enhance business performance resulting in higher returns on infrastructure and Web investments. NetIQ products are sold worldwide, directly and through a network of authorized NetIQ distributors and resellers. The company is headquartered in San Jose, Calif., with development and operational personnel in Houston, Texas; Portland, Ore; Raleigh, N.C.; Bellevue, Wash.; and Galway, Ireland. For more information, please visit the company's web site at www.netiq.com or call (888) 323-6768.

Let's Talk

Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Media and Analyst Relations

Phone: (713) 418-5368
Email: amy.sachrison@netiq.com