Reimagine RMF accreditation through eMASS automation and reduce 95% of the manual effort. Compliance is about security and security is about the data.
eMASS is designed to help the DoD to maintain IA situational awareness, manage risk, and comply with federal security mandates.
Understanding the STIG Viewer Checklist Problem – These checklists are traditionally hand-created by pre-populating checklists for each policy with the appropriate non-technical data and with POAM/waiver information. Then security personnel combines the XCCDF output from the system scan (ACAS/SCAP) to create, name, and store the individual checklists for each endpoint. Once completed, the individual checklists that consolidate scan and human data are loaded into eMASS. Keeping eMASS current with the latest security information through this checklist creation and upload process is a challenge, both from a timeline and a personnel resource standpoint, since the process is inherently manual. As one can imagine, consistency, timeliness, and error handling are constant issues in such a human-dependent process.
This video shares how to unify eMASS and SIEM Data in more advanced ways to ingest information through API or ARF/ASR file interfaces. However, two challenges remain – how to access and integrate the human/non-technical data for eMASS and efficiently create fully-populated checklists required outside of eMASS. Collective data feed could be compiled, the organization’s SIEM would represent the whole security compliance picture – not just the partial picture represented by only scan data.
SteelCloud has developed a new solution – Integrating CKL, eMASS, and SIEM Data. Merge the CKL and machine data to create bulk checklists, consolidated ARF/ASR eMASS files, and/or consolidated JSON files to populate our DashView Splunk dashboard or the customer’s chosen SIEM.
Leave a comment
Featured Resources
