AWS Archives – SteelCloud

Tag: AWS

01 Dec 2017
alt="CIS Compliance Benchmarks" title="Picture CIS logo"

SteelCloud Expands Commitment to the CIS Compliance Benchmarks – Becomes a CIS SecureSuite Member

Ashburn, Virginia – August 23, 2017 — SteelCloud LLC announced today that it has become a CIS
SecureSuite member
. Through this membership, the company is further bolstering its
cybersecurity defense for CIS compliance coverage by adding comprehensive CIS (Center for Internet Security)
content to its existing automated STIG remediation capabilities. SteelCloud leverages the CIS Compliance
Benchmarks, which are a consensus-based, internationally recognized security configuration
resources developed by experts around the world to enhance its patented policy remediation
technology, ConfigOS, to meet the needs of the growing corporate and government markets.

“We are pleased to expand SteelCloud’s commitment to CIS through our new CIS SecureSuite
membership,” said Brian Hajost, SteelCloud President and CEO. “CIS Benchmarks are important
industry-accepted system hardening standards used by organizations in meeting compliance
requirements for FISMA, PCI, HIPAA, and other security mandates. With ConfigOS, we are
delivering the most comprehensive solution for automating the remediation of system policy to
the newest CIS standards.”

“We are excited to welcome SteelCloud as a CIS SecureSuite member, and look forward to
collaborating with them to help enhance their cybersecurity posture,” said Curtis Dukes, Executive
V.P. and G.M., CIS Security Best Practices & Automation.

ConfigOS is currently implemented in enterprise environments, classified and tactical programs,
agile labs, and the AWS commercial cloud. ConfigOS is client-less technology, requiring no
software agents. ConfigOS scans endpoint systems for hundreds of CIS controls in under 60
seconds and then remediates the endpoints in under 90 seconds. Automated remediation rollback
as well as comprehensive compliance reporting are provided. ConfigOS was designed to harden
every CIS control around an application baseline in 60 minutes – typically eliminating weeks or
months from the accreditation timeline. ConfigOS automates the incorporation of documented
policy waivers to ensure flawless automated CIS remediation and compliance reporting.
ConfigOS addresses Microsoft Windows 7/8/10 and Windows Server 2008/2012/2016 along with
Red Hat Enterprise Linux 5/6/7 and CENTOS Linux.

To receive more information on ConfigOS, please contact SteelCloud at
Video demonstrations of ConfigOS Windows and Linux remediation are available on the
Company’s website,, under the “Demos” tab. 

29 Nov 2017
alt="CDM image"title=" picture Risk Management Framework"/>

What Makes ConfigOS RMF Accreditation So Successful?

ConfigOS – Rock Solid, Simple Risk Managment Framework Accreditation and STIG Compliance!
ConfigOS is an easy to use software environment for creating, implementing, and remediating security policy, such as the DISA STIG and the CIS benchmarks.
Risk Management Framework (RMF) requires that systems be hardened to standard STIG or CIS benchmarks to meet RMF Accreditation.

FastPath Policy Authoring – Accelerates RMF accreditation by hardening policy controls around an application environment in 60 minutes. ConfigOS is a flexible Policy Signature authoring system designed to quickly and easily create, tune and extend STIG policy controls. Each user can quicly meet the requirements of any application environment. Our software creates policies for secure baselines and manages STIG support for the entire STIG and application lifecycle. From the pre-production RMF and ATO and move to STIG and application production remediation. Now each customer can harden every CAT I/II/III control around an application in typically less than 60 minutes with combined ConfigOS and FastPath sofware. Traditionaly it takes days, weeks, and often months to do this manually. ConfigOS evn has remediation rollback and special functionality to “bake” STIG POAMs waivers into its remediation process.

High Performance Scanning and Automated Remediation – The fastest, most complete STIG scanner available. It is the “easy button” for automated STIG remediation. ConfigOS STIG 360 manages the complete STIG lifecycle of an application environment. Our breakthrough technology automatically “fixes” STIG policy non-compliances for Windows and Linux systems. ConfigOS can scan 3,000 to 5,000 endpoints per hour and remediate 1,000 to 3,000 endpoints per hour from a single instance. Add additional instances of ConfigOS and increase capacity even more. SteelCloud provides tested, documented content for STIG compliance.

Comprehensive Compliance Reporting – ConfigOS offers easy to use XML compliance reporting. Our software solution provides comprehensive enterprise and individual endpoint XML-based compliance reporting. Additionally, ConfigOS also produces XCCDF output for easy integration with STIG Viewer.

Government Use Cases – Currently ConfigOS  operates in the – physical and virtualized – connected and disconnected – private, cloud, and tactical – unclassified and classified – DoD, Federal Civilian, and Vendor.
ConfigOS is agent-less and does not require changes to endpoint application stacks or adding infrastructure. No internet, web and database and or license servers, no domain controllers or changes in Active Directory, and no STIG waivers. ConfigOS effectively operates in both large and small networks, classified environments, labs, disconnected networks, tactical environments, and FedRamp clouds.

ConfigOS is easy to buy – Available on GSA and other BPAs.