We make hard things simple…
ConfigOS is SteelCloud’s patented compliance software suite that allows anyone to quickly establish a STIG (Security Technical Implementation Guide) and CIS (Center for Information Security), cybersecurity compliant environment.
For anyone faced with RMF, NIST SP 800-171, or production STIG compliance requirements, our patented software is a complete solution for the auditing and scanning, enterprise-wide remediation and compliance reporting, and interfaces to other technologies around every aspect of ConfigOS.
ConfigOS incorporates both policy content and policy remediation automation for Windows Workstation, Windows Server, and Linux. Our patented software is designed to allow a user to easily adjust policies to address waivers and customize and comply with policy requirements.
ConfigOS is currently implemented in classified and unclassified environments, tactical and weapon system programs, disconnected labs, and the commercial cloud. ConfigOS is client-less technology, requiring no software agents.
ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components. The same instance of ConfigOS addresses Cisco network devices, Apache web server, Oracle, Red Hat Enterprise Linux 5 (RHEL 5+ 6, 7, 8), SUSE, CentOS, and Ubuntu.
SteelCloud’s ConfigOS software helps you STIG FASTER!
ConfigOS is SteelCloud’s patented compliance software. ConfigOS hardens around and application stack to create a secure baseline implementation of any given policy in order to make it work in your operational or application environment.
Achieve secure policy requirements by scanning a single endpoint or your entire infrastructure (laptops, desktops, physical or cloud servers) with SteelCloud’s patented scanning software. Each instance of ConfigOS can scan 5,000-15,000 endpoints per hour – supporting the requirements of small to even the largest infrastructures.
The time it takes to remediate hundreds of STIG controls on each endpoint is typically under 2 minutes and ConfigOS executes multiple remediations at a time. Remediating security controls is easy using your own customized policies. With its patented remediation engine, each instance of ConfigOS can remediate 3,000-5,000 endpoints per hour. Add more instances to meet your performance requirement.
Reporting in an organized easy-to-understand format, ConfigOS simplifies compliance reporting. Automatic compliance Customize and filter your results with our built-in-tools. Complete STIG Viewer checklist integration is at your fingertips, including automatic entry of full finding details and waiver descriptions.
VIEW CONFIGOS in ACTION
In this short on-demand demo, you can see how SteelCloud’s ConfigOS software rapidly automates and remediates STIG and CIS policy compliance to help organizations achieve RMF accreditation.
Want to know how ConfigOS compares to a group policy object (GPO)? Meet your next DISA quarterly update without needing SME’s by creating group policies.
Documentation controls, no problem, ConfigOS offers checklist reporting to STIG Viewer allows you to append and remediate to produce one data file. Watch now.
See how to STIG Faster with SteelCloud to learn more watch this demo.
Simplify Cyber Policy Compliance
SIMPLE POLICY AUTHORING
Streamline security baseline policy creation and testing with ConfigOS Foundry. This information assurance (AI) workbench allows organizations to tailor policies to their applications and environments to publish secure policy containers incorporating those new policies.
ConfigOS Foundry allows users to approve waivers so reports include information about controls that have “accepted non-compliance” designations. ConfigOS effectively eliminates the wasted effort of continually tracking down non-compliances that cannot be remediated!
ConfigOS Command Center is the workhorse of the ConfigOS product suite, delivering unrivaled SPEED and AGILITY. From a single screen, endpoints can be easily managed, fixed, evaluated rolled back, and reported.
For most applications, initial hardening and baseline creation can be completed in less than 60 minutes!
HIGH PERFORMANCE – HIGH PRODUCTIVITY
The power of ConfigOS is leveraged through our Policy 360 high-performance software and uses the same integrated content to provide the “easy button” for both scanning and automated STIG/CIS remediation of Windows and Linux systems.
With its patented remediation engine, for each instance of (ConfigOS) Command Center can remediate 3,000-5,000 endpoints per hour. Add more instances to meet your performance requirement.
EASY COMPLIANCE REPORTING
Reporting just got easier! ConfigOS delivers comprehensive reports by enterprise or endpoint based on a single policy and or groups of policies in an organized, easy-to-understand format. Customize your filter your results with our built-in-tools. Complete STIG Viewer checklist integration is at your fingertips, including the automatic entry of fulling finding details and waiver descriptions.
Monitor your infrastructure hardening compliance with ConfigOS DashView
Dramatically reduce the time spent monitoring, detecting, and maintaining the enterprise’s DISA STIG/CIS Benchmark infrastructure hardening compliance.
ConfigOS DashView is revolutionizing the way organizations monitor and maintain their infrastructure hardening compliance. Getting compliant is difficult but maintaining that compliance posture is even more difficult. ConfigOS DashView leverages Splunk’s “Big Data” platforms to automate these processes and provide the organization with near real-time awareness.
LEVERAGE SPLUNK’S ENTERPRISE/CLOUD PLATFORMS
DashView brings all this data to a “single pane of glass” in an easy-to-use Splunk-based application.
Gain visibility into your company’s infrastructure security and compliance posture by continuously evaluating and monitoring of failed security controls.
Dramatically reduce the time you spend on RMF, NIST and STIG remediation
Our patented software automates STIG remediation compliance, removing months from the RMF cycle. We track waivers and provide full STIG Viewer checklist integration. Our technology is used throughout the DoD and major systems integrators. Reduce risk with ConfigOS SCAP-validated automation tool to the reduce risk and set mitigating controls in less than one day.
Our lightweight tools allow our government clients to bring new cloud infrastructures into compliance quickly. Portable policy containers enable customers to transport and synchronize policy between infrastructures and security domains easily. Our STIG automation capabilities allow our DoD customers to move at “cloud speed.”
ConfigOS patented software was used to harden the cloud infrastructure of the first DoD program to get an ATO (Authority to Operate) in the commercial cloud environment.
Our patented ConfigOS software allows our customers to inject compliance into each step of the DevOps process. The key opportunity that ConfigOS provides is the easy ability to incorporate STIG compliance in the development cycle – ensuring higher quality secure applications that simplify accreditation and sustainment. In addition, our portable security containers allow STIG or CIS policy synchronization even across mission partners.
CMMC COMPLIANCE READINESS
SteelCloud accelerates CMMC readiness with automation, eliminating months of manual audit prep, speeding up the hardening of infrastructure for CMMC compliance. Shift gears to fast track your certification.
SteelCloud’s patented ConfigOS software, scans and remediates thousands of systems in under an hour.
Prepare now for your organization’s CMMC assessment.
“I want to introduce the ConfigOS software to our principal DoD client and perhaps a few more. They are not meeting their cybersecurity goals using ACAS [Assured Compliance Assessment Solution] and warm bodies alone, and this will help the cause in a major way if integrated into their workflow. It’s also something that our CMMC lead is looking at for our Level 3.”
- Solutions Architect, large DoD VAR
“ConfigOS is the most straightforward, easy to understand tool we have seen to amplify the output of our IA teams on contract.”
- Vice President, small DoD/Federal Civilian Systems Integrator
“STIG work and patching were the bane of our existence. Always STIGing. Now, with SteelCloud, STIG work is done more readily, and engineers can focus those saved hours on other initiatives and maintaining a competitive edge.”
- Sr. Advanced Network Engineer, Major Integrator
“No tool is 100%, it’s just not possible. But my teamed performed a very deep apples to apples comparison of SCAP+manual vs. SteelCloud+manual and the results surprised us. Based on our assessment we spent 28 man-hours with SCAP, AppDetective (database) and finishing with manual checks. Steelcloud got us to the same level of completion with validation and manual completion in 2 hours.”
- Assessment Team Lead at U.S. Coast Guard
“SteelCloud has a great product in ConfigOS, and it really pays off each quarter when DISA releases painful new STIGs. SteelCloud updates their content for simple download to our security signatures for thousands of automated STIG controls, making annual maintenance a snap. We are never out of compliance.”
- Bill Andrews, Information Systems Security Engineer, US Navy