About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
News & Events
What's New at MITRE
Media Relations
MITRE Publications
Social Networking, Mobile Apps, and RSS Feeds

Follow Us:
Visit MITRE on Facebook
Visit MITRE on Twitter
Visit MITRE on Linkedin
Visit MITRE on YouTube
View MITRE's RSS Feeds
View MITRE's Mobile Apps
Home > News & Events > Media Relations > News Releases >

MITRE Releases New Security Software

FOR IMMEDIATE RELEASE:

MITRE Contacts:

Karina H. Wright
(703) 983-6125


Eryn L. Gallagher
(781) 271-3782

Bedford, Massachusetts, McLean, Virginia, December 1, 2008 — The MITRE Corporation has released an alpha version of its new Recommendation Tracker™ (RT) software, an open source program that facilitates development of automated security benchmarks. System administrators use benchmarks—essentially a set of recommendations—to securely configure an operating system or software application and then set up automatic testing to ensure proper configuration. The new edition of RT has features that support the collaborative process of benchmark creation, including taking ordinary textual input and producing output in the standardized XML-based language, XCCDF. Combined, these features make it easier and more efficient to generate and implement benchmarks. RT is available for download on the public website SourceForge.net.

"Our goal in sharing this technology is to provide software vendors, security content developers, and business managers with another tool in their security arsenal—one that makes their jobs easier," said Stephen Boczenowski, MITRE project leader and principal information security engineer and scientist. "We also want to impart the expertise we've gained helping our government sponsors develop protections for their data and information."

The RT is just the latest tool developed by MITRE in the last 10 years to help the security community produce automated, standardized benchmarks. The not-for-profit organization has developed four of the six security standards which comprise the National Institute of Standards and Technology's Security Content Automation Protocol, or SCAP. The four standards are:

  • Common Vulnerabilities and Exposures (CVE®)
  • Open Vulnerability and Assessment Language (OVAL®)
  • Common Platform Enumeration (CPE™)
  • Common Configuration Enumeration (CCE™)

MITRE recently started offering a one-day benchmark development course at its McLean, Va., campus. The course, which includes instruction in RT, OVAL, Windows Investigator Tool, and other information assurance tools and standards, is free and open to practitioners and the public. Online registration for upcoming classes is available at http://www.mitre.org/register2/benchmark/.

About MITRE

The MITRE Corporation (www.mitre.org) is a not-for-profit national resource that provides systems engineering, research and development, and information technology support to the government. It operates federally funded research and development centers for the Department of Defense, the Federal Aviation Administration, and the Internal Revenue Service and Department of Veterans Affairs, with principal locations in Bedford, Mass., and McLean, Va.

Page last updated: December 1, 2008   |   Top of page

Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development

 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.
IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us