Home > News > Trending news > SteelCloud and Telos Corporation Collaborate to Enhance NIST RMF Compliance

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

SteelCloud and Telos Corporation Collaborate to Enhance NIST RMF Compliance

Telos Corporation | January 09, 2023 | Read time : 02:00 min

SteelCloud LLC, a leading CIS and STIG compliance automation software developer and Telos Corporation, a renowned provider of cyber, enterprise, and cloud security solutions to the world's most security-conscious organizations, recently announced entering into a partnership to assist customers in reducing the complexity of NIST Risk Management Framework (RMF) compliance. Customers gain access to all seven RMF phases via a unified, automated solution.

SteelCloud's ConfigOS capabilities take care of the identify/ categorize, select, and implement components of RMF for technical assets. ConfigOS examines an asset, determining whether Security Technical Implementation Guides (STIG) apply, scanning against the STIG standards, identifying compliance indicators, and automating the remediation of findings. Meanwhile, Xacta incorporates and uses this information during the RMF's assessment and authorization processes, as well as when the monitor step is initiated once authorization to operate (ATO) is obtained.

Working together, ConfigOS and Xacta drive decisions to address identification and selection problems while reporting important indicator metrics required to achieve and sustain ATO. STIG and vulnerability data from ConfigOS are integrated into Xacta and mapped to appropriate requirements as part of Assessment and Authorization (A&A), providing customers with a streamlined approach to gaining necessary permissions. Xacta's workflow automation streamlines the whole NIST RMF workflow, managing validation, analysis, documentation, and accreditation processes from start to end.

About Telos Corporation

Telos Corporation provides solutions for continuous security assurance of personnel, systems, and information to the world's most security-conscious enterprises, empowering and protecting them. The company offers enterprise security solutions for identity and access management, organizational messaging, secure mobility, and network management and defense. Telos Corporation serves commercial organizations, regulated sectors, and government customers all around the world.

About SteelCloud

SteelCloud is a company that creates STIG and CIS compliance software for government and business clients. The company's product reduces the complexity, effort, and cost of implementing federal security standards by automating policy and security repair. SteelCloud has provided enterprise-wide security policy-compliant solutions, easing setup, and ongoing security and compliance support. SteelCloud goods are simple to obtain through our GSA Schedule 70 contract.

Spotlight

Dashlane’s Security Principles & Architecture

Dashlane Business supports login with single sign-on (SSO), using any SAML 2.0 enabled IdP. In a single-sign-on setup, the user doesn’t have to input UserMP . Instead, a random key is generated at account creation. This key (the data encryption key) is delivered to the Dashlane app after the user successfully logs in to the IdP, and it is used as a symmetric encryption key to encrypt and decrypt the user data.

Other News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cyber Security & Cloud North America – New Line-Up Speakers Announced

TechEx Events Ltd | April 17, 2023

The Cyber Security & Cloud Congress North America (17-18th May) has announced exciting new additions to its line-up of speakers and panellists for the upcoming two-day event in Santa Clara. The event will take place on May 17th and 18th, 2023, and will feature a diverse range of tech industry experts, including CIOs, CTOs, Cyber Security, Cloud Architects, and other key players in the field. Attendees will have a great opportunity to hear from the most talented speakers including: Prasanna P., Digital Transformation Leader – Enterprise Architecture & Enterprise Strategy Leader – Molina Healthcare Shea Lovan, Chief Security Officer – UC Santa Barbara Sachin Vaidya, EVP Chief Information Officer of Heritage – Bank of Commerce Kishore Viswanathan, Senior Technical Program Manager, Cybersecurity and Compliance – Lucid Motors Sameh Emam, Division Risk Manager – Union Bank Kavitha Venkataswamy, Director – Digital Product Security – Capital One Richard Paz, CISM, Cyber Security Engineer – NASA Jet Propulsion Laboratory & many more! In addition to these keynote speakers, the event will also feature several panel discussions covering a wide range of topics, including Zero Trust, Threat Detection & Response, Training, Talent & Culture, Identity & Access Management, Application Security, Data Security and more. Attendees will have the opportunity to network with other industry professionals and gain valuable insights into the latest trends and technologies shaping the cybersecurity and cloud technology landscape. The Cyber & Cloud Congress North America promises to be a knowledge-packed, innovative, and engaging event for all those interested in Cyber Security and Cloud technology, but also the newest technology solutions, products and services that will be showcased during the event. “We are thrilled to have such an outstanding group of speakers joining us for the Cyber & Cloud Expo,” said Lia Richards, Head of Conference. “With their diverse backgrounds and extensive experience, they will bring a wealth of knowledge and insights to our attendees. We look forward to hearing their perspectives on the most pressing issues facing the industry today”. WHAT ELSE TO EXPECT? Over the course of two days at Cyber Security & Cloud Congress North America attendees will have a great number of opportunities to visit exhibition stalls and connect with the representatives of some of the world’s biggest brands including IBM, IDC, Bosh, AWS, Zoho and many more, all implementing the latest in Cyber Security & Cloud technologies within their sectors. Paying attendees will also have a chance to join the networking party event following Day 1 of the conference, where all will be able to connect and network in a more relaxed setting, with free food and drinks provided. This opportunity is open for Gold and Ultimate Pass Holders, Speakers, Press, Sponsors, and Exhibitors. Find out more information here: https://www.cybersecuritycloudexpo.com/northamerica/networking-party/ Early-bird registration offering 25% discount of the full ticket price is open until 17th April, and interested attendees are encouraged to secure their tickets before the offer ends to avoid missing out on this exciting opportunity. Follow this link to discover ticket types and prices: https://www.cybersecuritycloudexpo.com/northamerica/ticket-types-and-prices/. About TechEx Events Ltd The TechEx Event portfolio is an international conference and tech showcasing cutting-edge tech innovation in enterprise. Featuring real-life use cases and in-depth industry insights, the event series delves into the AI, Big Data, Blockchain, Cyber Security, 5G, IoT and Edge Computing ecosystems. Running for over six years, our co-located events strengths lie within our expert community. We bring the heroes responsible for pushing game changing tech and strategy together, to craft relationships and creative solutions. We are the place where networking never stops – The one-stop-shop for enterprise innovators.