skip to Main Content
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
Filter by Categories
Press Releases

Quickly scan a single endpoint or your entire infrastructure. With SteelCloud’s patented scanning engine, each instance of ConfigOS can SCAN with 5,000-15,000 systems per hour – supporting the requirements of even the largest infrastructures.


Remediate STIG or CIS security controls using your own customized policies.  With its patented asynchronous remediation engine, each instance of ConfigOS can REMEDIATE 3,000-5,000 systems per hour – add more instances to meet your performance requirements.


Automatic compliance Reporting makes it easy to see current compliance in an organized, easy-to-understand format. Customize and filter your results with our built-in-tools, or complete your STIG Viewer checklist with our automated checklist integration.


ConfigOS has been widely implemented throughout the Department of Defense in classified and unclassified environments, tactical programs, weapon systems, disconnected labs, and cloud applications.

Civilian & Intel Agencies

Many Civilian & Intel environments have the exact same security compliance requirements as we see in the DoD. ConfigOS has been implemented in the most demanding systems including classified applications.


SteelCloud has years of experience in supporting government contractor programs. Our SI clients rely on SteelCloud's expertise and technology to accelerate RMF accreditations and meet ongoing IA mandates.

Software & Tech Vendors

In the current federal budget climate, software products vendors are realizing the business benefits from easing the installation and support burden on the government and integrator customers.


There has been a recent uptick in the numbers of Commercial organizations that have been mandated or have voluntarily chosen to standardize on the CIS or STIG benchmarks as cyber security best practices.

State & Local Government

ConfigOS addresses the recent federal government agency mandates on local government organizations to comply with NIST 800-53 security standards which include compliance with the STIG or CIS benchmarks.


User Icon

“I want to introduce the ConfigOS software to our principal DoD client and perhaps a few more. They are not meeting their cybersecurity goals using ACAS and warm bodies alone, and this will help the cause in a major way if integrated into their workflow. It’s also something that our CMMC lead is looking at for our Level 3.”

- Solutions Architect, large DoD Contractor

User Icon

“CMMC certification readiness is really easy with ConfigOS! We automated all the STIG compliance effort of our affected servers and workstations. ConfigOS will keep us current on STIG policy for all 3-years of our CMMC accreditation.”

- CTO, Technology Distributor

User Icon

“After having done my CMMC research, it’s finally clear to me that we need STIG or CIS compliance to achieve CMMC Level 3+ and SteelCloud’s ConfigOS software will allow us to automate this effort. After seeing a live ConfigOS demo, automation of STIG or CIS compliance is the way to go and will save us weeks or months on our accreditation timeline.”

- CISO and CMMC Registered Practitioner

User Icon

“ConfigOS is the most straightforward, easy to understand tool we have seen to amplify the output of our IA teams on contract.”

- Vice President, DoD/Federal Civilian Systems Integrator

User Icon

“STIG work and patching were the bane of our existence. Always STIGing. Now, with SteelCloud, STIG work is done more readily, and engineers can focus those saved hours on other initiatives and maintaining a competitive edge.”

- Sr. Advanced Network Engineer, Major Integrator

User Icon

“No tool is 100%, it’s just not possible. But my team performed a very deep apples-to-apples comparison of SCAP+manual vs. Steelcloud+manual and the results surprised us. Based on our assessment we spent 28 man-hours with SCAP, AppDetective (database), and finishing with manual checks. Steelcloud got us to the same level of completion with validation and manual completion in 2 hours.”

- Assessment Team Lead for a DHS component

User Icon

“SteelCloud has a great product in ConfigOS, and it really pays off each quarter when DISA releases painful new STIGs. SteelCloud updates their content for simple download to our security signatures for thousands of automated STIG controls, making annual maintenance a snap. We are never out of compliance.”

- Bill Andrews, Information Systems Security Engineer, US Navy

News and Events