Generic filters

Make checklist work more agile with eMASS automation

April 18, 2022

Accelerating your RMF accreditation means getting more agile with eMASS automation.

If you have ever tried loading STIG Viewer Checklist data into eMASS, you know one thing— it is a burdensome process! Yet the comprehensive view of your manual and machine configuration management and cybersecurity checklist are valuable, especially for accelerating your RMF accreditation.

eMASS, or the Enterprise Mission Assurance Support Service, was developed by the DoD, in part, as a repository that unites technical/machine data generated from endpoint scans with the human/non-technical data documented by security/IA personnel.  Traditionally the “uniting” process is accomplished by completing a STIG Viewer Checklist for each policy for each endpoint.  So a 1000 workstation environment could easily generate 10,000 individual checklist files or more—hard to be agile when inundated with so much manual work.

Over the past year, SteelCloud has worked with its military customers and DISA to reinvent the cumbersome effort necessary to complete and load STIG Viewer Checklist data into eMASS. This new digital transformation automates the integration of documentation, manual, and control exceptions with machine controls to create fully populated checklists in bulk.

ConfigOS gives you the agility to handle multiple pain points with one tool.

eMass checklists are traditionally hand-created by pre-populating checklists for each policy with the appropriate non-technical data  and POAM/waiver information. Then security personnel combines the XCCDF output from the system scan (ACAS/SCAP) to create, name, and store the individual checklists for each endpoint.  Once completed, the individual checklists that consolidate scan and human data are loaded into eMASS.

Keeping eMASS current with the latest security information through this checklist creation and upload process is a challenge, both from a timeline and a personnel resource standpoint, since the process is inherently manual. Further, the processing architectures of scan-only products do not afford the DoD with an option to effectively address the requirement to combine security data and create fully-populated STIG Viewer Checklists. As one can imagine, consistency, timeliness, and error handling are constant issues in such a human-dependent vulnerability management process.

SteelCloud’s ConfigOS software automates the integration of documentation, manual, and control exceptions with machine controls to create fully populated checklists in bulk. A few keystrokes are all it takes to produce thousands of completed checklists for an entire infrastructure.!

ConfigOS’s agility extends to Splunk and other SIEM systems, too.

ConfigOS consolidates all the checklist data, for thousands of systems and dozens of STIG policies, into a single ARF and a single ASR file for easy importation into eMASS. Additionally, ConfigOS automatically integrates STIG Viewer checklist manual controls into its data feeds for Splunk or the customer’s SIEM of choice. For many customers, SteelCloud’s ConfigOS provides the first COTS application capable of viewing manual control compliance data from a SIEM dashboard.

“This new automation is a game-changer for our DoD customers looking to enhance their RMF processes,” said Brian Hajost, SteelCloud Chief Operating Officer. “Our software saves over 95% of the effort to complete checklists and load eMASS, and it automates this process in near real-time, ensuring the synchronization of the environment, the Checklists, eMASS, and SIEM. Our integrated output allows our customers to see, for the first time, 100% of the STIG Viewer Checklist information in a SIEM dashboard.”

See the  complete picture of your cybersecurity efforts with ConfigOS.

IT modernization doesn’t happen overnight. As new solutions come on board, you’ll want to assess their capability, reliability, and agility.

SteelCloud’s ConfigOS is the most proven cybersecurity automation solution in the DoD. This new eMASS automation and Splunk integration capability make a leading product even more agile and time-saving than it already is. SteelCloud provides this update as a no-charge enhancement to all customers in version 2.8.4 of ConfigOS.

Share This Resource: