ThreatAlert® Security Platform

Organizations looking to comply with NIST SP 800-53 or NIST SP 800-171 security requirements for obtaining an Authority-To-Operate (ATO) for FedRAMP, FISMA, and DFARS compliance can save over 40% in time and cost with the ThreatAlert® Cloud GSS (Gov Security System). ThreatAlert® Cloud GSS provides system provides security, networking and management services mapped to NIST SP 800-53 security controls and is engineered as a General Support System (GSS) based on NIST terminology with integrated cloud-native security and shared services that map to technical controls required by NIST SP 800-53 and NIST SP 800-171 for FedRAMP, FISMA and CMMC compliance. The ThreatAlert® Cloud GSS  allows for multiple applications and users to leverage pre-integrated security services such as vulnerability management, anti-virus & malware protection, OWASP application scanning, continuous monitoring, patching and boundary protection including multi-factor authentication. stackArmor ThreatAlert® Cloud GSS is part of the ATO on AWS program and was 1 of 8 inaugural launch Consulting partners.

Using the AWS FedRAMP accredited cloud services, stackArmor provides an integrated continuous monitoring and compliance solution that includes (1) technical controls, (2) systems security plan documentation, (3) managed services and (4) compliance with FIPS 140-2, CIS benchmarks and relevant DOD requirements. ISVs, SaaS providers, Federal Agencies and Government Contractors can dramatically reduce the cost of delivering a FedRAMP, FISMA, or DFARS compliant environment using stackArmor ThreatAlert® Cloud GSS (Gov Security System). The infographic below provides a high-level overview of our solution.

 

The ThreatAlert® Security System is deployed “in-boundary” through Infrastructure-as-Code (IaC) and delivered as a fully managed service ensuring that all customer data stays within their account and includes the following services:

1.Code analysis
2.Vulnerability scanning
3.Web vulnerability scanning
4.Container vulnerabilities
5.IDS/IPS
6.Anti-Virus, malware protection
7.Security Incident Event Management (SIEM)
8.Hardening using CIS benchmarks
9.Patch management
10.Cloud monitoring
11.Alerting
12.Incident management
13.Cloud system operations monitoring
14.Centralized log aggregation warehouse
15.Centralized account management and MFA
16.Compliance reporting
17.Boundary protection
18.Secure access management

All security services are mapped to NIST SP 800-53 controls and are either fully covered, partially covered or are inherited through AWS provides services such as AWS SecurityHub, CloudTrail, GuardDuty and WAF. These services are supplemented with vetted third-party COTS solutions such as TrendMicro DSM, Splunk, AppGate, Acunetix, Tenable Nessus and the stackArmor ThreatAlert®  Portal. Do you want to learn about our ThreatAlert® ATO Accelerator solution? Do you need a ready to go security solution for meeting your security and compliance needs?

Have questions? Get in touch with us by submitting the Contact Form below: