Cimcor

Cimcor, Inc. is a software company based in Merrillville, Indiana^[1] that develops security and integrity software. The company develops software to be used in corporate, government, and military initiatives to protect the nation's computer networks from unauthorized access. Cimcor's flagship software product, CimTrak helps organizations monitor, protect, and "Self-heal" computer servers and network devices in real-time while providing audit information including what was changed, when the change occurred, and how the change was made. Cimcor's customer base ranges from Fortune 100 companies through mid-market businesses, military and government agencies looking to address the business continuity, security, and regulatory requirements of their critical IT infrastructure.

History

Cimcor was established in 1997 and incorporated in Indiana.^[2]

Company

Management Team

• Robert E. Johnson III- President and Chief Executive Officer^[3]
• Dale Dougherty- Vice President^[4]

Accomplishments

Cimcor Cryptographic Module version 1.0

• Validated FIPS 140-2 Level 1^[5] and FIPS 140-2 Level 2^[6]

The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. government computer security standard used to accredit cryptographic modules. Level 1 indicates that the cryptographic module supports the lowest level of acceptable security. Security Level 1 allows the cryptographic module to be executed using a unevaluated operating system. Security Level 2 enhances the physical security mechanisms of Security Level 1 by adding the requirement for tamper-evidence and protection.^[7]

CimTrak Integrity Suite version 2.0.6 (F)

• Common Criteria EAL4 Augmented with ALC_FLR.2^[8]

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. Common Criteria allows for the specification and verification of vendor claims relating to security functionality and assurance requirements. Verification of claims is performed using approved testing laboratories.^[9] The Evaluation Assurance Level of EAL4 permits the developer to gain maximum assurance from positive security engineering based on good commercial development practices which, though rigorous, do not require substantial specialist knowledge, skills, and other resources. EAL4 is the highest level at which it is likely to be economically feasible to retrofit to an existing product line. EAL4 is therefore applicable in those circumstances where developers or users require a moderate to high level of independently assured security in conventional commodity TOEs and are prepared to incur additional security-specific engineering costs. Augmented with ALC_FLR.2 establishes and verifies the claim that the developer has established flaw remediation procedures that describe the tracking of security flaws, the identification of corrective actions, and the distribution of corrective action information to TOE users.^[10]

• Department of Defense Unified Capabilities Approved Product List^[11]

Cimcor's flagship software CimTrak is the only File Integrity Monitoring tool on the Department of Defense Unified Capabilities Approved Products List.^[12] This unique factor allows CimTrak to be the only File Integrity Monitoring product available for use within the Department of Defense boundaries.

• United States Army Approved Product List^[13]

Products contained on the United States Army Approved products list have been deemed acceptable for use within the boundaries of the United States Army.

Partners

Cimcor has strategic relationships with technology partners located through the world.

• NitroSecurity^[14]
• Hewlett-Packard^[15]
• VMware^[16]
• Core Security^[17]

References

External links

• Cimcor's website
• Cimcor's CimTrak Integrity and Compliance Suite website
• Cimcor President/CEO Personal website