NSS Plus

Falls Church, VA, October 9, 2009 — Network Security Systems Plus, Inc. today announced that it has joined the McAfee® Security
Innovation Alliance™ (SIA) partner program. Under the McAfee SIA program, NSSPlus will integrate its DIACAP Automation System (DAS) with McAfee ePO.  The integration between the NSSPlus DIACAP Automation System (DAS) and McAfee ePO establishes a powerful framework for end to end security and compliance management.  The endpoint presence of HBSS allows an enterprise organization to identify and remediate vulnerabilities using ePO as a management tool. 

The NSSPlus DIACAP Automation System (DAS) delivers enterprise-wide visibility into C&A status and accepted risks.  DAS is a web-based business intelligence platform designed to optimize implementation and execution of the DIACAP processes by automating workflow, reporting, system vulnerability scanning, and documentation management tasks.  The DAS has a powerful workflow module that allows organizations to refine the identified weaknesses in the system through the identification of false positives, duplicates across vulnerability assessment tools, items that are planned for remediation and residual weaknesses that are required to support business operations.  The NSSPlus patent pending DIACAP Automation System (DAS) provides the following benefits:

• Saves approximately 70% of cost of C&A process versus current approach
• Provides C&A stakeholders with single source for consistent and accurate knowledge
• Improves efficiency, productivity and accuracy in the C&A process
• Automatically creates DIACAP Executive package components, such as scorecards and plans of action and milestones (POA&Ms)
• Provides visibility into enterprise C&A status and accepted risk — dynamically updated and web-accessible
• Maintains history on mitigation strategies
• Performs vulnerability trend analysis to apply responses to previously indentified weaknesses
• Developed and supported by 10-year provider of C&A solutions

Integration between ePO and DAS allows organizations to effectively manage their ongoing compliance requirements from day to day operations through the attainment and maintenance of a DIACAP Authorization to Operate.

McAfee ePO is the first platform that lets enterprises and governments centrally manage security and compliance products from multiple vendors, offering unprecedented cost savings and return on investment. With more than 35,000 customers and managing more than 60 million PCs and servers, this unique platform is helping McAfee SIA partners to extend their reach and create complementary functionality.

For more information on the McAfee SIA and McAfee ePO, please visit: http://www.mcafee.com/us/partners/security_innovation_alliance/default.html.

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is committed to relentlessly tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.

About Network Security Systems Plus (NSSPlus)

NSSPlus is a leading network security and information assurance consulting services and products company. Their security engineers and information assurance consultants perform comprehensive evaluations of the technical and non-technical security features of DoD Military Health System/TRICARE Management Activity Contractors’ enterprise networks. They implement safeguards and remedies in support of the C&A process under Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Their primary support objectives are to insure that system development, design, and implementation methodologies are compliant with the DISA STIGs and other industry best practices.

NSSPlus has over 9 years of IA, IA mitigation, C&A and network security engineering support experience with TMA and other DoD components. This includes specific experience in interpreting and applying the DISA STIGs and Checklists to enforce configuration compliance on network components and applications.

NSSPlus has in-depth expertise with DISA STIGs, SRR and Security Checklists for all hardware platforms and operating systems including mainframes, midrange, network servers, and workstations. They configure security scanning policies for automated tools in order to provide tractability to the DISA STIGs, National Security Agency (NSA) and other industry best practices. NSSPlus corporate offices are located at 5205 Leesburg Pike, Suite 505, Falls Church Virginia.