nCircle Releases Configuration Compliance Manager™ 5.13, Now Audits MySQL and Microsoft Internet Information Services 7

New Version Also Includes New DISA STIG Policies

SAN FRANCISCO--(BUSINESS WIRE)-- nCircle, the leader in information risk and security performance management solutions, today announced the immediate availability of nCircle Configuration Compliance Managerversion 5.13. This release adds the ability to audit MySQL and Microsoft Windows Server Internet Information Services (IIS) 7 configurations, updates PCI support to Windows 7, and adds new DISA STIG policies for IIS7 and Solaris 10.

Auditing the configurations of IT systems, and monitoring changes in those configurations, is a critical step in reducing security risk and achieving compliance. nCircle Configuration Compliance Manager automates configuration auditing, and changes monitoring and configuration compliance processes, providing a clear picture of system configurations and the impact of configuration changes on compliance. Configuration Compliance Manager utilizes a completely agentless architecture, requiring no software installation on monitored endpoints. Agentless monitoring dramatically reduces deployment costs and makes it possible to profile every device on the network, delivering the most comprehensive coverage and the lowest cost of ownership. Configuration Compliance Manager includes a rich library of policies based on standards and benchmarks from NIST, Center for Internet Security, DISA and Microsoft, as well as policies for specific regulations, such as PCI, Sarbanes-Oxley, HIPAA, USGCB and NERC.

“With Configuration Compliance Manager 5.13, nCircle extends coverage for two of the most important technologies in the enterprise: databases and web servers,” said Tim Erlin, director of product management and IT risk and security strategist for nCircle. “The addition of MySQL auditing and the corresponding CIS policy allow customers to audit a critical enterprise application. Microsoft IIS 7 coverage, including the DISA STIG policies, extends Configuration Compliance Manager's web server auditing capabilities to help protect the underlying infrastructure behind many of the most critical enterprise applications.”

MySQL Support

With over 65,000 downloads per day, MySQL is the one of the most popular open-source databases. MySQL provides a reliable, affordable, easy to use solution for a wide range of database applications. Configuration Compliance Manager 5.13 adds MySQL support and four CIS-certified MySQL policies, enabling customers to audit for a wide range of best practice standards in order to improve security, ensure integrity and meet regulatory compliance requirements.

Microsoft IIS Support

Web servers are targeted and attacked by cyber criminals more frequently than any other system on an organization’s network. Microsoft IIS runs on over 84 million domains around the world and is used extensively in the enterprise. Configuration Compliance Manager 5.13 allows organizations to scan IIS7 configurations for a wide range of best practice standards to effectively manage security risks and increase compliance on these critical assets.

New Configuration Auditing Policies

Configuration Compliance Manager version 5.13 adds seven new policies and updates two PCI policies, bringing the total number of available policies to 166.

New policies include:

  • CIS Certified MySQL Policies
    • Linux Level 1
    • Linux Level 2
    • Windows Level 1
    • Windows Level 2
    • DISA STIG IIS7 Site V1R1
    • DISA STIG IIS7 Web Server V1R1
  • DISA STIG Solaris 10 V1R0.6

PCI policies updated to support Windows 7:

  • PCI DSS 2.0 for Windows
  • PCI File Integrity Monitoring

Configuration Compliance Manager version 5.13 is available now. For more information, please visit:

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle Suite360 is an integrated suite that shares a unified scan engine, common scoring methodologies, and centralized reporting and analytics. Suite360 includes IP360™ for vulnerability management, WebApp360™ for web application scanning, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership, and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.

Shelley Boose, 408-398-6987

Source: nCircle