Hi all, I've been using activeMQ in a few projects now, and it works great! But now I am looking at a project where the product might need to be integrated into government systems. I've been looking into whether or not ActiveMQ meets the Database Security Technical Implementation Guide (STIG) from Defense Information Systems Agency (DISA)(http://www.appsecinc.com/solutions/disa-stig/index.shtml), but I have been having issues getting a straight answer.
I looked at the national security vulnerability database(http://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.0&page_num=0&cid=5), as well as other places around the web in order to find more information about activeMQ security. And as far as I can tell, all (known)major security bugs have been resolved as of 5.5. But I haven't been able to find a straight answer about whether it meets all the necessary criteria and is able to be used in government systems. So my question is, does anyone know if activeMQ can be used in government systems? And/or do you know of any resources which give this information? Any help would be greatly appreciated! Thanks. -- View this message in context: http://activemq.2283324.n4.nabble.com/Apache-ActiveMQ-Security-and-Government-Systems-tp3652474p3652474.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
