ConfigOS automation compliance software for STIG and CIS controls
ConfigOS is SteelCloud’s patented compliance software suite that allows anyone to quickly establish a STIG (Security Technical Implementation Guide) and/or CIS (Center for Information Security) – cybersecurity compliant environment. Our patented software is a complete solution offering scanning, remediation, compliance reporting, and external interfaces to other tools. ConfigOS incorporates both policy content and policy remediation automation for Windows Workstation, Windows Server, and Linux. Our patented software was designed to allow a user to easily adjust policies to address waivers and comply with unique requirements. SteelCloud LLC recently announced they have released its much anticipated ConfigOS Command Center, the newest, ground-breaking version of its patented STIG remediation and automated Risk Managment Framework / RMF readiness software. ConfigOS Command Center is an automation game-changer for anyone faced with RMF, NIST SP 800-171, or production STIGs compliance requirements. We really focused on expanding our support for auditing, compliance reporting, enterprise-wide remediation capabilities, and interfaces to other technologies with our additional innovation improvements around every aspect of ConfigOS. This year we are highlighting our new breakthrough technology – GPO Conflict Resolution, where ConfigOS arbitrates local and group policy so they coexist to properly protect our nation’s critical networks. SteelCloud’s specialized software has been used in every possible IT infrastructure including classified, tactical, cloud, and weapon system environments. Eight out of the top ten federal integrators, major civilian and intelligence agencies and technology vendors utilize our product to deliver the STIG and CIS-compliant solutions to their customers. No matter whether you have a handful of systems or thousands of endpoints, ConfigOS is a perfect system to automate your compliance requirements.
In the newest release of ConfigOS, we have re-envisioned a “single pane of glass” giving the user a flexible interface that combines simple single system operations with those of complex network automation. The foundation for the interface is a flexible network tree that allows for unlimited nesting and a simple drag and drop operation. Icons and colors help the user visualize the organization and status of groups and endpoints. Endpoint set-up productivity is achieved by allowing some and or all credential and policy information to be inherited by endpoints from their designated groups. All scan, remediation, and reporting functions are easily accessible from the primary system/network screen.
SteelCloud offers a policy scanner for complete STIG policy and automated control and remediation. The ConfigOS Builder policy authorizing and complete STIG scanning capability accelerates RMF accreditation by allowing users to harden policy controls around an application stack in just 60 minutes versus days/weeks/months. ConfigOS was designed from the ground up to allow users to easily adjust/extend any of the STIG or CIS policy content provided by SteelCloud to the requirements of the customer application environment. All documentation is provided for any and all adjustments in policy (waivers) so that waiver information is integrated into the scanning, remediation and reporting functions of ConfigOS.
The ConfigOS Builder will also allow a user to build policy from scratch for unique situations. Our software creates policies for secure baselines and manages STIG/CIS support for the entire production policy and application lifecycle – from pre-production/RMF/ATO through to production policy remediation. Additionally, SteelCloud has developed easily accessible automated remediation rollback to accelerate the testing of new/updated policies.
Our Policy 360 ConfigOS high-performance software uses the same integrated content to provide the “easy button” for both scanning and automated STIG/CIS remediation of Windows and Linux systems. ConfigOS manages the complete policy lifecycle of an application environment. This unique patented tool combines the fastest, most complete policy scanner available with automated policy control remediation. While other solutions scan and report, ConfigOS scans, reports, and fixes non-compliances – all with a simple click. A single instance of ConfigOS scans 3,000 to 5,000 endpoints per hour and remediates 500 to 3,000 endpoints per hour for a single instance of ConfigOS. Simply add additional instances of ConfigOS to increase capacity. SteelCloud provides tested, documented STIG and CIS content so your compliance effort is a snap!
ConfigOS can provide comprehensive reports by enterprise or endpoint based on a single policy and or groups of policies. Integration with STIG Viewer is made easy by producing XCCDF output. Our patented software allows the user to approve waivers in its Builder functionality so reports include information about controls that have “accepted non-compliance” designations. As a result, ConfigOS effectively eliminates the wasted effort to continually track down non-compliances that cannot be remediated and have been pre-approved. The result is that the ConfigOS reports provide succinct actionable data.
Currently operating in all of the following – FedRamp Cloud, physical and virtualized – connected and disconnected – private, cloud, and tactical – unclassified and classified – DoD, Federal Civilian, Vendor, and Corporate. ConfigOS is agent-less and does not require changes to endpoint application stacks and or additional infrastructure – no internet, no web servers, no database servers, no license servers, no domain controllers, no changes in Active Directory, no STIG/CIS waivers. ConfigOS effectively operates in both large and small networks, classified environments, labs, disconnected networks, tactical environments, and FedRamp clouds.
