U.S. Department of Defense Validates ForeScout for IoT Security

Defense Information Systems Agency publishes influential STIG validation for ForeScout, documenting its proven technology to provide visibility and control of evolving, IoT-driven systems


SAN JOSE, Calif., March 12, 2018 (GLOBE NEWSWIRE) -- ForeScout Technologies, Inc. (NASDAQ:FSCT), a leading Internet of Things (IoT) security company, today announced that the U.S. Department of Defense’s (DoD) Defense Information Systems Agency (DISA) added ForeScout CounterACT® to its select list of commercial technology products receiving Security Technical Implementation Guides (STIG). The DoD issues STIGs for technology innovation from vendors that meet and help enforce the Pentagon’s rigorous security requirements for military agencies and contractors. Today’s announcement reflects ForeScout’s strategic role and expanding footprint across DoD customers, helping them gain foundational visibility of devices, including non-traditional Internet of Things (IoT) devices, connecting to their networks.

“The DoD’s STIG validations by design are reserved for select, strategic vendors comprising keystone parts of the military’s IT assets, networked operations and security defenses,” said Wallace Sann, vice president of Global Systems Engineering, ForeScout. “This is a distinct achievement for our company and recognizes years of collaboration with partners and DoD agencies to integrate our technology and proven capabilities within the military’s demanding worldwide enterprise.”

ForeScout helps the DoD and other government organizations discover, classify and manage diverse devices and applications arriving on networks via the IoT’s explosive growth. The STIG validation follows an enterprise-wide IoT security agreement that ForeScout separately reached with the DoD’s Enterprise Software Initiative (ESI) program, which helps defense customers expand CounterACT deployments across their environments. ForeScout’s STIG and ESI milestones underscore the scope of CounterACT’s role in implementation requirements like the DoD’s “Comply-to-Connect” (C2C) framework, which is responsible for protecting both IoT devices and traditional IT systems from evolving security threats.

ForeScout offers a visibility platform across defense organizations to help them see and control connected assets – from laptops and ruggedized devices in the field, to IoT gear and networked Industrial Internet of Things (IIoT) and operational technology (OT) control systems, including medical equipment – across bases and shared facilities. ForeScout’s agentless technology discovers, classifies and assesses devices. After discovering a device, ForeScout uses a combination of passive and active methods to classify the device according to its type and ownership, then assesses the device’s security posture and allows an organization to set policies that establish authorized behaviors.

In DoD deployments, ForeScout meets rigorous C2C requirements, including:

  • Network-based discovery and classification of devices
  • Redundant manageability and control of devices
  • Orchestration with other mandated security technologies, such as the DoD’s Host Based Security System (HBSS) and Assured Compliance Assessment Solution (ACAS) – confirming these third-party tools are configured and functioning properly
  • Continuous monitoring of connected devices
  • Helps the DoD enforce its policies prohibiting personal and/or wearable devices or applications on DoD workstations and networks

DISA’s STIGs form an enterprise-wide configuration standard for DoD systems supporting information assurance. Each STIG contains technical guidance detailing how defense agencies use commercial technologies to lock down information systems and software that might otherwise be vulnerable to malicious attacks and disruption.

Defense agencies and contractors can download DISA’s overview memo and STIG for ForeScout at this link: https://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/other.aspx
                                                                                                      
Additional Resources:

About ForeScout
ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more at www.forescout.com.

Media Relations Contact:
Katie Beck                                                                  
ForeScout Technologies, Inc.              
650-314-8705 
katie.beck@forescout.com     

Investor Relations Contact:
Michelle Spolver
ForeScout Technologies, Inc.
408-721-5884
michelle.spolver@forescout.com

© 2018. ForeScout Technologies, Inc. is a Delaware corporation. ForeScout, the ForeScout logo, ActiveResponse, ControlFabric, CounterACT, CounterACT Edge and SecureConnector are trademarks or registered trademarks of ForeScout. Other names mentioned may be trademarks of their respective owners.

FSCT-O