OPSW Opsware (MM)

Opsware Inc. (NASDAQ:OPSW), the leading provider of Data Center Automation software, today announced compatibility certification with Open Vulnerability and Assessment Language (OVAL), based on Opsware�s ability to convert OVAL information alerts into actionable policies distributed to customers by The Opsware Network, Opsware�s compliance and vulnerability subscription service. OVAL is an international information security community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. The Opsware Network supports and publishes OVAL vulnerability definitions, and within 24 hours can generally translate the vulnerability advisories into actionable policies that integrate seamlessly into the Opsware Server Automation System. This powerful and proactive approach to security enables customers to eliminate security gaps within and protect servers from outside threats that could potentially wreak havoc on a customer�s business. Opsware automates what has traditionally been a manual process for managing vulnerabilities that impact today�s IT organization and that is typically sourced by individual feeds from multiple data sources. This effort is tedious, time-consuming, and can often result in a costly and compromised IT environment. Through support of the OVAL platform, Opsware leverages the power of the OVAL community to ensure a thorough, complete and accurate understanding of emerging threats and vulnerabilities that impact today�s IT environments. Opsware currently supports 1,816 OVAL vulnerability definitions which cover 1,145 vulnerabilities. �OVAL is committed to providing security experts with a common language to discuss the technical details of how to maintain consistent, secure systems,� said Andrew Buttner, MITRE Senior INFOSEC Engineer and OVAL Compatibility Lead. �The OVAL Compatibility Program ensures that a wide range of tools and services can seamlessly exchange security data in OVAL�s standard formats. In becoming certified OVAL Compatible, The Opsware Network and Server Automation System are advancing the state of the art in information security through transparent interoperability with other OVAL Compatible tools and services.� After downloading OVAL-based policies from The Opsware Network, the Server Automation System immediately applies the policies, saving valuable time and eliminating the need to manually build policies based on vendor-specific alerts. If vulnerability definitions are not available from the OVAL community, Opsware creates its own definitions to ensure potential vulnerabilities are addressed. The end result is a rapid assessment of vulnerability impact and a dramatic reduction in the vulnerability window. �Opsware is proud to support OVAL, the leading open standard for security content,� said Tim Howes, EVP of Research & Development and CTO at Opsware Inc. �With our OVAL-certified automation products, customers can now leverage the power of the open, community-based OVAL standard in protecting their IT environments. OVAL-described vulnerabilities can now be detected, audited, and remediated automatically, saving customers time and money, and reducing the risk to their businesses.� OVAL is one of several standards in The Security Content Automation Protocol developed by several U.S. government organizations. For more information on Opsware�s work with OVAL, please visit: http://www.opsware.com/products/oval.php. About OVAL� Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details and an assortment of content repositories held throughout the community. The language standardizes the three main steps of the assessment process: representing the configuration information systems for testing; analyzing the system for the presence of the specified state; and reporting the results of this assessment. The repositories are collections of publicly available and open content that utilize the language. About Opsware Inc. (NASDAQ:OPSW) Opsware, the world�s leading IT automation company, unlocks the promise of technology by accelerating IT to zero latency. The company�s software, the Opsware System, automates the entire data center, from provisioning to patching, configuration to compliance and discovery to deployment, turning data center operations into a competitive advantage for business. Opsware�s technology is used by hundreds of companies worldwide including banks, service providers, retailers, manufacturers and Internet companies with IT environments ranging from hundreds to tens of thousands of servers, network devices, storage devices and IT processes. For more information on Opsware Inc., please visit our Web site at www.opsware.com. Opsware is a service mark and trademark of Opsware Inc. All other product names, service marks, and trademarks mentioned herein are trademarks of their respective owners.