Federal Information Security Management Act (FISMA)


FISMA imposes a mandatory set of processes that must be followed for all information systems used or operated by a U.S. federal government agency or by a contractor or other organization on behalf of a federal agency. The recently released Consensus Audit Guidelines (CAG) prescribes application whitelisting, that is, defining and allowing only trusted software, as a best practice for achieving FISMA compliance.

The Bit9 Security Platform helps federal agencies protect information by providing a methodology for application whitelisting and preventing the installation or execution of unauthorized applications. These application controls minimize the risk of malicious, illegal and unauthorized software that can create vulnerabilities and enable targeted attacks.

Bit9 provides:

  • Application whitelisting and control to ensure only authorized software is allowed to run – blocking ALL unauthorized software
  • Portable storage device controls to enforce read, write and execute policies for both data and software on USB keys and other such removable media – blocking ALL unauthorized devices
  • Auditing of new software installations or preventative blocks
  • Software metering to identify and audit software execution