STIG for Dummies eBook
SCAN

Quickly scan a single endpoint or your entire infrastructure. With SteelCloud’s patented scanning engine, each instance of ConfigOS can SCAN with 5,000-10,000 systems per hour – supporting the requirements of even the largest infrastructures.

REMEDIATE

Remediate STIG or CIS security controls using your own customized policies.  With its patented asynchronous remediation engine, each instance of ConfigOS can REMEDIATE 2,000-4,000 systems per hour – add more instances to meet your performance requirements.

REPORT

Automatic compliance Reporting makes it easy to see current compliance in an organized, easy-to-understand format. Customize and filter your results with our built-in-tools, or complete your STIG Viewer checklist with our automated checklist integration.

DoD

ConfigOS has been widely implemented throughout the Department of Defense in classified and unclassified environments, tactical programs, weapon systems, disconnected labs, and cloud applications.
Read More

Civilian & Intel Agencies

Many Civilian & Intel environments have the exact same security compliance requirements as we see in the DoD. ConfigOS has been implemented in the most demanding systems including classified applications.
Read More

Contractors

SteelCloud has years of experience in supporting government contractor programs. Our SI clients rely on SteelCloud's expertise and technology to accelerate RMF accreditations and meet ongoing IA mandates.
Read More

Software & Tech Vendors

In the current federal budget climate, software products vendors are realizing the business benefits from easing the installation and support burden on the government and integrator customers.
Read More

Commercial

There has been a recent uptick in the numbers of Commercial organizations that have been mandated or have voluntarily chosen to standardize on the CIS or STIG benchmarks as cyber security best practices.
Read More

State & Local Government

ConfigOS addresses the recent federal government agency mandates on local government organizations to comply with NIST 800-53 security standards which include compliance with the STIG or CIS benchmarks.
Read More
News and Events
Agenda
Agenda
October 2020 – February 2021 Oct 2020 – Feb 2021
Collapse All Expand All
Oct
15
Thu
Cyber Talk Session Topic: The Technical Nuts & Bolts of CMMC @ Virtual Event via Webex
Tickets
Oct 15 @ 1:00 pm – 3:00 pm
Cyber Talk Session Topic: The Technical Nuts & Bolts of CMMC @ Virtual Event via Webex

The Technical Nuts & Bolts of CMMC

The Project Manager Defensive Cyber Operations is hosting a “Cyber Talk” informational and educational briefing that will be presented by Brian Hajost, CEO for SteelCloud, called “The Technical Nuts & Bolts of CMMC”.

Who should attend: Government personnel, Contractors, SOSSEC Consortium Members and all interested Industry vendors. Program managers, development teams, engineers, architects, ISSO’s, security managers, security specialists, and system administrators who are eager to learn about DCO platform architectures and modern application development techniques. This event is intended to educate all professionals who support these initiates.

Location is Virtual via Webex:

What You Know…

If you’re in business serving the Department of Defense, you have no doubt heard of and maybe are a little worried about the new Cybersecurity Maturity Model Certification (CMMC) requirement that is becoming a contract mandate for all DoD suppliers.  Without the blessing of a 3rd Party Audit Organization (3PAO) for any one of the 5 levels of CMMC, your company loses eligibility to bid on all DoD contracts and, if GSA’s STARS III actions are any indication, many civilian contracts as well.  Self-attestation as to your cyber hygiene will soon be a memory.

Much hype, conference presentations and now COVID-friendly Zoom meetings have discussed definitions and the things you may need to do relative to documenting things, preparing manuals, hiring consultants, and passing your first audit.  Not a lot of attention or education has been provided to the actual technical requirements of CMMC, not only for initial certification but to stay compliant, year over year.  In fact, for many, these requirements are still cloaked in mystery.  The CMMC language tells us in general terms to establish a “practice” or “policy” in multiple areas, but what exactly are the best practices to implement for your organization to consistently meet this new mandate with the lightest lift possible?

What You Need to Know…

This briefing will describe the technical nuts and bolts of CMMC, such as…

  • How the DISA STIGs for your endpoints related to CMMC requirements, and ways to simplify that compliance
  • What the requirements are for access control and 2-factor authentication?
  • What are valid data encryption strategies for CMMC compliance and sustainment?
  • What other standards we already comply with apply to my organization and how they relate to CMMC (NIST 800-171, NIST 800-53, etc.)?

SteelCloud has been managing compliance to cybersecurity standards on behalf of Federal agencies for years.  This Cyber Talk will show you how to understand the new CMMC standard, characterize it and learn precisely—section by section–what it means to your company, and provide strategies for simplifying your CMMC compliance plan.

The Two-hour session will allow for questions and answers.

Read more
Tags: 800-171 800-53 CMMC Cybersecurity NIST STIG
Dec
1
Tue
AFCEA TechNet Cyber @ Virtual Conference
Tickets
Dec 1 – Dec 3 all-day
AFCEA TechNet Cyber @ Virtual Conference

TechNet Cyber 2020 will be a forum for military, industry and academia to discuss and plan how to achieve persistent engagement, presence and innovation. It is the opportunity to devise a new strategy to build resilience and defend networks.

 

Read more
Tags: events
Dec
3
Thu
CDM Central @ Virtual Conference
Tickets
Dec 3 @ 7:45 am – 1:15 pm
CDM Central @ Virtual Conference

Join SteelCloud and MeriTalk for a half-day conference to discuss how CDM is accelerating Federal IT’s journey towards improved mitigation of today’s cyber threats and leading agencies along the highway of success. Explore the evolving possibilities of CDM, including:

  • What agencies can expect in the Federal CDM Dashboard revamp
  • How AWARE continues to provide visibility into agencies’ cyber risk
  • What new shared services are coming
  • How the private sector is aiding and supporting the CDM program
  • What impact .govCAR, EINSTEIN, and TIC 3.0 will have on future CDM efforts
Read more
Tags: events
Feb
1
Mon
DoDIIS WorldWide Conference @ Henry B. Gonzales Convention Center
Tickets
Feb 1 – Feb 3 all-day
DoDIIS WorldWide Conference @ Henry B. Gonzales Convention Center

Visit the SteelCloud team when the Defense Intelligence Agency (DIA) brings together experts and innovators from the military, industry, government, and academia to collaborate and share insights.

Given the ongoing developments and uncertainty with COVID-19 (Coronavirus), the DIA has made the decision to reschedule the DoDIIS Worldwide Conference to February 1-3, 2021 in San Antonio, Texas.

Read more
Tags: events
October 2020 – February 2021 Oct 2020 – Feb 2021