Press Release

Trusted Computer Solutions Announces the Addition of Security Blanket to the Consensus Audit Guidelines (CAG) Top 20 Critical Controls Automation Tools List

HERNDON, Va. – January 13, 2010 – Trusted Computer Solutions, a leading developer of cross domain and cyber security solutions, today announced that their award winning, automated Operating System (OS) hardening tool, Security Blanket, has been included to the user-vetted CAG Top 20 Critical Controls Automation Tools list, version 2.3, promoted by the SANS (SysAdmin, Audit, Networking, and Security) Institute.

The CAG Top 20 Critical Controls were developed by a powerful consortium brought together by John Gilligan (previously CIO of the US Department of Energy and the US Air Force) under the auspices of the Center for Strategic and International Studies. Members of the Consortium include the National Security Agency (NSA), US Computer Emergency Readiness Team (CERT), Department of Defense (DoD), Joint Task Force-Global Network Operations (JTF-GNO), the Department of Energy Nuclear Laboratories, Department of State, DoD Cyber Crime Center plus the top commercial forensics experts and pen testers that serve the banking and critical infrastructure communities.

“Only tools or solutions that can automate all or part of the Critical Controls are eligible for review,” stated Ed Hammersla, Chief Operating Officer for Trusted Computer Solutions. “Final selection is based solely on confirmed usability by current product users. We are very proud that Security Blanket has become one of the tools that helps automate these controls.”

Through formal interviews and discussion with TCS end-users SANS confirms Security Blanket as a solution that automates three of the Critical Controls. Critical Control 6 identifies requirements for “Maintaining, Monitoring, and Analysis of Audit Logs.” Poor or non-existent security logging and analysis enable attackers to control victim machines for months or years without anyone knowing, even though the evidence of the attack has been recorded in unexamined log files. Critical Control 8 specifies requirements for “Controlled Use of Administrative Privileges.” The misuse of administrator privileges is the number one method for attackers to spread inside a targeted enterprise. Critical Control 11 includes requirements for “Account Monitoring and Control.” Attackers frequently discover and exploit legitimate but inactive user accounts to impersonate legitimate users, making attacker behavior difficult for network monitors to identify.

“The Top 20 Critical Security Controls represent a ground swell effort to position continuous, automated monitoring practices as the first priority in measuring and improving security. We have high hopes that government agencies and key industries will focus their security tools spending on these critical controls for the foreseeable future,” says George King, SANS Institute.

About Security Blanket
Security Blanket is the only enterprise platform that automatically locks down, or hardens, Linux and Solaris operating systems to meet industry standard security guidelines such as the Defense Information Systems Agency (DISA) UNIX Security Implementation Technical Guide (STIGs) or Center for Internet Security (CIS) Benchmarks. It is a cost-effective way to consistently and predictably secure enterprise-wide systems in a fraction of the time it takes to lock them down manually.

Security Blanket can easily assess the security posture of individual systems or groups of systems, identify OS vulnerabilities, and automatically remediate those vulnerabilities by automatically changing the actual OS configuration settings that were identified as vulnerable. Security Blanket goes even further by allowing an “undo” capability to reverse the hardening actions if applications are adversely affected by the lock down. Assessment and Baseline reports are an inherent feature of Security Blanket which facilitates providing audit documentation to Security Officers.

For a free trial of Security Blanket, or for more information, visit www.TrustedCS.com/SecurityBlanket.

About Raytheon
Raytheon Company, with 2010 sales of $25 billion, is a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world. With a history of innovation spanning 89 years, Raytheon provides state-of-the-art electronics, mission systems integration and other capabilities in the areas of sensing; effects; and command, control, communications and intelligence systems, as well as a broad range of mission support services. With headquarters in Waltham, Mass., Raytheon employs 72,000 people worldwide. For more about Raytheon, visit us at www.raytheon.com and follow us on Twitter at @raytheon .

###

Media Contact: Evan Weisel, Welz & Weisel Communications, 703.218.3555, evan@w2comm.com