SteelCloud  

Ashburn,  VA 
United States
http://www.steelcloud.com

• Booth: 3629

Harden systems in under an hour! SteelCloud simplifies STIG/CIS/CMMC compliance, automating and remediating the process in every domain. Lock down systems, establish a Zero Trust baseline, and free administrators for other initiatives. Our patented ConfigOS software is proven to reduce hardening efforts by 90% and compliance costs by 70%. Visit our booth and push the STIG Easy Button demo! STIGwithSteelCloud

 Videos

 Press Releases

• News: SteelCloud Software Deployed to Secure Critical OT Infrastructure at Major Energy Company (Mar 07, 2022)

  ASHBURN, Va., March 2, 2022 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today its ConfigOS technology has been licensed to a major U.S. energy company to secure Operational Technology (OT) assets.

  SteelCloud's software will be used to harden OT endpoints using the Center for Internet Security (CIS) industry-standard for system-level controls. The initial implementation will be deployed to support the NIST security framework and will include thousands of process control and SCADA assets. The ConfigOS agent-less architecture provides unique benefits to OT operators because it performs its cyber work without the need to load software on OT assets.

  According to Gartner, "attacks on organizations in critical infrastructure sectors have increased dramatically, from less than 10 in 2013 to almost 400 in 2020 — a 3,900% change." Gartner also predicts that by 2025, "30% of critical infrastructure organizations will experience a security breach that will result in the halting of an operations- or mission-critical cyber-physical system."

  "With the convergence of IT and OT networks, securing those assets from cyber-attack is more important today than ever," said Curtis Dukes, CIS Executive Vice President and General Manager, Security Best Practices. "SteelCloud's application uses CIS consensus-based Benchmarks to significantly reduce common threats such as malware, insufficient authorization, and remote intrusion."

  "With the most recent attacks and the guidance provided by CISA and NIST, critical infrastructure organizations are beginning to increase their focus on improving OT security, said Brian Hajost, SteelCloud Chief Operating Officer. "Companies which have standardized on the high-level NIST framework are looking to implement the proper system-level controls necessary to effect the proper security hardening. The industry-standard CIS Benchmarks define the answer, and our ConfigOS software was chosen to automate these security controls in the most efficient and effective manner possible."

  About ConfigOS
  SteelCloud's ConfigOS software is currently implemented in hundreds of commercial and government organizations. Use cases for ConfigOS range from business, cloud, SCADA, and weapon systems. ConfigOS scans and remediates hundreds of system-level controls in minutes. Automated remediation rollback as well as comprehensive compliance reporting and SIEM dashboard integration is provided. ConfigOS was designed to harden hundreds of system-level controls around an application stack in about 60 minutes - typically eliminating weeks or months from the RMF accreditation timeline. ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components. The same instance of ConfigOS addresses CISCO network devices, Apache, Red Hat 5/6/7/8, SUSE, CENTOS, Ubuntu, and Oracle Linux. Learn more at https://www.steelcloud.com/configos-cybersecurity/.

  About SteelCloud
  SteelCloud develops STIG and CIS compliance software for government and commercial customers. Our products automate policy and security remediation by reducing the complexity, effort, and expense of meeting government security mandates. SteelCloud has delivered security policy-compliant solutions to enterprises worldwide, simplifying implementation and ongoing security and compliance support. SteelCloud products are easy to license through our GSA Schedule 70 contract. SteelCloud can be reached at (703) 674–5500 or info@steelcloud.com. Additional information is available at www.steelcloud.com, or contact Jamie Coffey at jcoffey@steelcloud.com.

  About CIS
  The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on- demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.

• News: SteelCloud Named Amongst "2021 Top 10 Endpoint Solution Providers" by GRC Outlook Magazine (Mar 07, 2022)

  ASHBURN, Va., Jan. 12, 2022 /PRNewswire/ -- SteelCloud LLC, a STIG and CIS compliance automation software developer, announced today that it has been selected as one of the "Top 10 Endpoint Solution Providers for 2021" by GRC Outlook  Magazine.

  GRC Outlook compiled a list of some of the most innovative and creative endpoint security solution providers that will defend your endpoints and perform your business operations without worrying about the ever-evolving threats.

  SteelCloud empowers commercial enterprises, DoD/government customers, and systems integrators/consultants with automated policy compliance solutions. SteelCloud software ensures that security controls are easily hardened around each customer application stack, thereby building the strong foundation for a secure environment. In production, the SteelCloud software is used to eliminate drift and keep workstations and servers in compliance with industry benchmarks and organizational mandates. The result is faster implementation and higher systems availability.  While federal IT security teams must comply with the technical testing and hardening framework represented by the STIGs, SteelCloud's software also automates CIS controls for state/local and commercial customers.

  To see the full Top 10 list, visit: https://grcoutlook.com/endpoint-solution-providers/

  About GRC Outlook Magazine
  GRC Outlook Magazine, a team of industry veterans, editors, and cybersecurity specialists are on a constant quest to portray the best and the most innovative security solutions available in the industry so that you don't' have to take the trouble of finding the finest technology partner. In addition, our print and digital magazine provide CIOs and CISOs viewpoints on the latest security and compliance trends that are existing in the industry. https://grcoutlook.com/ 

  About SteelCloud
  SteelCloud develops STIG and CIS compliance software for government customers and those technology providers that support the government. Our products automate policy and security remediation by reducing the complexity, effort, and expense of meeting government security mandates. SteelCloud has delivered security policy-compliant solutions to enterprises worldwide, simplifying implementation and ongoing security and compliance support. SteelCloud products are easy to license through our GSA Schedule 70 contract.  SteelCloud can be reached at (703) 674–5500 or info@steelcloud.com.  Additional information is available at www.steelcloud.com

• White Paper: eMASS Automation – The Search for a Solution to Unite and Automate Security Compliance Data (Mar 07, 2022)

  Our White Paper eMASS Automation – details how to ensure a real-time view of security and compliance with SteelCloud’s new software for easy synchronization of massive numbers of checklist files, eMASS data, and SIEM dashboards-everything in synch, everything up to date.

  https://www.steelcloud.com/wp-content/uploads/2022/01/protected-eMASS-WPaper-01.11.22-FINAL-2021-PR.pdf

• Crosswalks: STIG & CMMC Control Matrixes – NIST 800 – 171 (Mar 07, 2022)

  Meeting the Security Technical Implementation Guide (STIG) compliance mandates has always been challenging, especially when you depend on tedious manual processes. To enable NIST compliance readiness, we’ve created a series of STIG & CMMC Control Crosswalk documents to assist in the Cybersecurity Maturity Model Certification (CMMC) compliance effort, specific to the controls. These documents cross reference the different compliance control sets and are addressed in three sections.

  • Section One: The first section references the CMMC controls in relation to the STIG V-IDs.

  • Section Two: The second section reverses this logic to show CMMC controls first.

  • Section Three: The third section is a high level CMMC matrix.

  Complete the form to download all of the listed Crosswalks today!

  1. Google Chrome

  2. Microsoft Edge

  3. Red Hat 7

  4. Red Hat 8

  5. Windows 10

  6. Windows Server 2016

  7. Windows Server 2019

  https://www.steelcloud.com/crosswalks-stig-cmmc-control-matrixes/

• Use Case: How SI’s Achieve Faster ATOs with SteelCloud (Mar 07, 2022)

  SteelCloud has been ahead of the curve in meeting DISA standards, revolutionizing STIG/CIS compliance with our ConfigOS automation software. Proven by 8 of the top 10 systems integrators (and throughout DoD agencies) ConfigOS eliminates months of unnecessary work from operational timelines and ensures rapid, sustainable ATOs. It has been repeatedly proven to scan 3000-5000 endpoints per hour and remediate 500-3000 endpoints per hour without human intervention. You can now harden policy controls against an application stack in just an hour where it took days, weeks or months before. 

  See how SteelCloud helped a leading SI Reduce effort by 92% while keeping quality of work and security the same. https://www.steelcloud.com/wp-content/uploads/2021/03/CS-AchieveFasterATOs-03.15.21-OL.pdf

• SteelCloud Software Automates eMASS and Splunk Data Integration (Apr 06, 2022)

  ConfigOS accelerates RMF with automated Bulk Checklist Production on eMASS and Splunk Data Integration.

  ASHBURN, Va., April 5, 2022 /PRNewswire/ — SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today the availability of a new release of its ConfigOS software that creates bulk STIG Viewer checklists and integrates human and machine controls into data feeds for eMASS and Splunk.

  Over the past year, SteelCloud has worked with its military customers and DISA to reinvent the cumbersome effort necessary to complete and load STIG Viewer Checklist data into eMASS. This new capability automates the integration of documentation, manual, and control exceptions with machine controls to create fully populated Checklists in bulk. SteelCloud's ConfigOS software automates the production of thousands of completed checklists, for an entire infrastructure, with only a few keystrokes. Furthermore, ConfigOS consolidates all the checklist data, for thousands of systems and dozens of STIG policies, into a single ARF and a single ASR file for easy importation into eMASS. Additionally, ConfigOS automatically integrates STIG Viewer checklist manual controls into its data feeds for Splunk or the customer's SIEM of choice. For many customers, SteelCloud's ConfigOS provides the first COTS application capable of viewing manual control compliance data from a SIEM dashboard.

  "This new automation is a game-changer for our DoD customers looking to enhance their RMF processes," said Brian Hajost, SteelCloud Chief Operating Officer. "Our software saves over 95% of the effort to complete Checklists and load eMASS, and it automates this process in near real-time, ensuring the synchronization of the environment, the Checklists, eMASS, and SIEM. Our integrated output allows our customers to see, for the first time, 100% of the STIG Viewer Checklist information in a SIEM dashboard."

  About ConfigOS
  SteelCloud's ConfigOS software is currently implemented in hundreds of commercial and government organizations. Use cases for ConfigOS range from business, cloud, SCADA, and weapon systems. ConfigOS scans and remediates hundreds of system-level controls in minutes. Automated remediation rollback, as well as comprehensive compliance reporting and SIEM dashboard integration, are provided. ConfigOS was designed to harden hundreds of system-level controls around an application stack in about 60 minutes - typically eliminating weeks or months from the RMF accreditation timeline. ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components. The same instance of ConfigOS addresses CISCO network devices, Apache, Red Hat Enterprise 5/6/7/8, SUSE, CENTOS, Ubuntu, and Oracle Linux. Learn more at https://www.steelcloud.com/configos-cybersecurity/.

  About SteelCloud
  SteelCloud develops STIG and CIS compliance software for government and commercial customers. Our products automate policy and security remediation by reducing the complexity, effort, and expense of meeting government security mandates. SteelCloud has delivered security policy-compliant solutions to enterprises worldwide, simplifying implementation and ongoing security and compliance support. SteelCloud products are easy to license through our GSA Schedule 70 contract. SteelCloud can be reached at (703) 674–5500 or info@steelcloud.com. Additional information is available at www.steelcloud.com, or contact Jamie Coffey at jcoffey@steelcloud.com.

  About eMASS
  eMASS is a computer application owned by the DoD that supports Information Assurance (IA), program management, and the Risk Management Framework (RMF). It helps the DoD maintain IA situational awareness, manage risk, and comply with FISMA. eMASS is managed by the Defense Information Systems Agency (DISA) and supports both pre-production and fielded systems.

 Products