ConfigOS Accelerates RMF with Automated Bulk Checklist Production
ASHBURN, Va., April 5, 2022 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today the availability of a new release of its ConfigOS software that creates bulk STIG Viewer checklists and integrates human and machine controls into data feeds for eMASS and Splunk.
Over the past year, SteelCloud has worked with its military customers and DISA to reinvent the cumbersome effort necessary to complete and load STIG Viewer Checklist data into eMASS. This new capability automates the integration of documentation, manual, and control exceptions with machine controls to create fully populated Checklists in bulk. SteelCloud's ConfigOS software automates the production of thousands of completed checklists, for an entire infrastructure, with only a few keystrokes. Furthermore, ConfigOS consolidates all the checklist data, for thousands of systems and dozens of STIG policies, into a single ARF and a single ASR file for easy importation into eMASS. Additionally, ConfigOS automatically integrates STIG Viewer checklist manual controls into its data feeds for Splunk or the customer's SIEM of choice. For many customers, SteelCloud's ConfigOS provides the first COTS application capable of viewing manual control compliance data from a SIEM dashboard.
"This new automation is a game-changer for our DoD customers looking to enhance their RMF processes," said Brian Hajost, SteelCloud Chief Operating Officer. "Our software saves over 95% of the effort to complete Checklists and load eMASS, and it automates this process in near real-time, ensuring the synchronization of the environment, the Checklists, eMASS, and SIEM. Our integrated output allows our customers to see, for the first time, 100% of the STIG Viewer Checklist information in a SIEM dashboard."
SteelCloud provides this new eMASS automation and Splunk integration capability as a no-charge enhancement to all customers in version 2.8.4 of ConfigOS.
SteelCloud's ConfigOS software is currently implemented in hundreds of commercial and government organizations. Use cases for ConfigOS range from business, cloud, SCADA, and weapon systems. ConfigOS scans and remediates hundreds of system-level controls in minutes. Automated remediation rollback, as well as comprehensive compliance reporting and SIEM dashboard integration, are provided. ConfigOS was designed to harden hundreds of system-level controls around an application stack in about 60 minutes - typically eliminating weeks or months from the RMF accreditation timeline. ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components. The same instance of ConfigOS addresses CISCO network devices, Apache, Red Hat Enterprise 5/6/7/8, SUSE, CENTOS, Ubuntu, and Oracle Linux. Learn more at https://www.steelcloud.com/configos-cybersecurity/.
SteelCloud develops STIG and CIS compliance software for government and commercial customers. Our products automate policy and security remediation by reducing the complexity, effort, and expense of meeting government security mandates. SteelCloud has delivered security policy-compliant solutions to enterprises worldwide, simplifying implementation and ongoing security and compliance support. SteelCloud products are easy to license through our GSA Schedule 70 contract. SteelCloud can be reached at (703) 674–5500 or [email protected]. Additional information is available at www.steelcloud.com, or contact Jamie Coffey at [email protected].
eMASS is a computer application owned by the DoD that supports Information Assurance (IA), program management, and the Risk Management Framework (RMF). It helps the DoD maintain IA situational awareness, manage risk, and comply with FISMA. eMASS is managed by the Defense Information Systems Agency (DISA) and supports both pre-production and fielded systems.
SOURCE SteelCloud LLC