Integrating CKL, eMASS, and SIEM Data with Automation

January 12, 2022

Automating eMASS

There are four significant areas where automation can be applied to provide a real advantage in operationalizing cyber compliance within the DoD.

1. Automate and reduce the effort/errors in merging non-technical CKL data with machine-generated technical data.

2. Automate and simplify the production and input of compliance data into eMASS.

3. Automate and reduce the effort to produce, name, and store fully populated STIG Viewer Checklists in bulk (by the 1,000s).

4. Provide complete CKL data to SIEM data feeds so that complete compliance data is easily accessible through integrated enterprise dashboards.

In 2021, we participated in a SteelCloud-funded IRAD, sponsored out of one of the DoD component’s CIO offices, to address the eMASS automation challenge.  Because our existing STIG compliance software automates remediation, rather than just scanning, we started with a better foundation to address the four automation targets described above.  From our IRAD that included multiple service components, SteelCloud developed and recently released a new version of its ConfigOS software that provides a simple integrated solution to address each of these automation challenges.  We have provided this version of ConfigOS to all of our customers at no additional cost starting in December 2021.

SteelCloud had already solved the problem of merging machine data with pre-populated STIG Viewer Checklist data several years ago. But it was a fairly manual, one-at-a-time process. We enhanced ConfigOS to allow users to associate pre-populated checklists with policies for one computer or groups of computers. Therefore, at processing time, ConfigOS can merge the CKL and machine data to create bulk checklists, consolidated ARF/ASR eMASS files, and/or consolidated JSON files to populate our DashView Splunk dashboard or the customer’s chosen SIEM.

To support real-world operations where non-production systems are excluded and/or information from individual systems needs to be produced, ConfigOS allows the user to select individual computers or groups of computers to create bulk Checklists, eMASS files, and/or JSON output.

SteelCloud even gives the user the option to integrate CKL data into their normal production scan and remediation operations so that the SIEM is always up to date with the complete security compliance picture.

SteelCloud’s new software ensures the easy synchronization of massive numbers of checklist files, eMASS data, and SIEM dashboards – everything in synch, everything up to date.
