Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dbohlmann
Newcomer I
‎11-09-2017 12:27 PM
‎11-09-2017 12:27 PM

Port scanning test and report approved by GSA

I don't know if there is such a thing, but I get asked from time to time if our products have been "GSA port scanned".  Does the GSA have a document of recommendations or a framework or a toolset defined that I can run against my products to show 'compliance', or have some results?  In the past we've had a few government facilities do their own scan and would/would not provide us results, depending.  Is there a publicly available document that describes the requirements and "expected results"?  Or is there really no such thing and it depends on the particular service or department (non-military)?

Reply
0 Kudos
2 Replies
MrJackBadger
Newcomer I
‎11-11-2017 07:36 PM
‎11-11-2017 07:36 PM

No such thing by standard.  The closest you'll get is the FedRAMP process for cloud providers:

 

fedramp.gov

https://www.fedramp.gov/provide-public-comment/vulnerability-scanning-requirements-and-process-clari...

 

 

ask your customers if that's what they mean.

Reply
dbohlmann
Newcomer I
‎11-14-2017 03:57 PM
‎11-14-2017 03:57 PM

I will keep that in mind since we do have cloud services.  Thanks.

 

The customer was asking in particular for a router that we make, though.

Reply
0 Kudos