activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dar...@ontrenet.com
Subject Re: Apache ActiveMQ Security and Government Systems
Date Thu, 07 Jul 2011 21:22:34 GMT
Why not ask DISA if its been accredited already? They will have a list...

> Hi all,
>
> I've been using activeMQ in a few projects now, and it works great! But
> now
> I am looking at a project where the product might need to be integrated
> into
> government systems.  I've been looking into whether or not ActiveMQ meets
> the Database Security Technical Implementation Guide (STIG) from Defense
> Information Systems Agency
> (DISA)(http://www.appsecinc.com/solutions/disa-stig/index.shtml), but I
> have
> been having issues getting a straight answer.
>
> I looked at the national security vulnerability
> database(http://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.0&page_num=0&cid=5),
> as well as other places around the web in order to find more information
> about activeMQ security.  And as far as I can tell, all (known)major
> security bugs have been resolved as of 5.5.  But I haven't been able to
> find
> a straight answer about whether it meets all the necessary criteria and is
> able to be used in government systems.
>
> So my question is, does anyone know if activeMQ can be used in government
> systems?  And/or do you know of any resources which give this information?
> Any help would be greatly appreciated!  Thanks.
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/Apache-ActiveMQ-Security-and-Government-Systems-tp3652474p3652474.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>


Mime
View raw message