Continuous monitoring and compliance with NIST SP 800-53 and CMMC 2.0 based requirements requires the timebound orchestration of management, remediation and reporting activities. stackArmor’s cloud security and compliance experts operate a 24/7 continuous monitoring and support to help organization’s easily comply with their obligations. The services provided support the full-stack and includes application security through OWASP compliant web scanning, security operations including vulnerability scanning, logging, monitoring and alerting. Our ThreatAlert(R) Security Workbench helps reduce the time and cost of continuous monitoring operations.
cATO and Continuous Monitoring
stackArmor provides tailored ConMon reports with daily, weekly and monthly activities in compliance with the 58 plus controls identified by FedRAMP. stackArmor’s ConMon team works as an integrated unit with the client’s cloud team and is based in Washington DC. stackArmor’s dedicated US based Continuous Monitoring team delivers 24/7 alerting for NIST, DOD DISA, OWASP, FedRAMP and other Industry best practices and standards. The table below provides an overview of the threats and vulnerabilities included in the service.
| Service Scope | Description | Frequency of Check/Scan |
| Security Operations | Real-time monitoring and alerting of critical and high events for service integrity and availability. | Continuous |
| Vulnerability Management | Scans and reports operating system and application server vulnerabilities based on NIST CVE scores. | Recommended at least monthly but could be more frequent |
| Container Security | Deep scan of container image for common vulnerabilities based on NIST CVE scoring. | Recommended as part of the CI/CD pipeline |
| Operational Threats | Aggregated collection of findings, co-relation analysis and reporting & remediation tracking. | Continuous |
| Data Files | Advanced intrusion detection to detect file integrity issues and report system intrusions. | Continuous |
| Anti-Virus and Malware Scanning | Integrated antivirus engine for detecting trojans, viruses, malware & other malicious threats. | Continuous |
| POA&M, DR and Compliance Reporting | Automated change management, incident tracking, inventory reporting, POA&M and Deviation Requests (DR) automation. | Continuous |
The service is constantly being enhanced and augmented to cover new types of threats and vulnerabilities to provide highly responsive and updated security coverage. Schedule a briefing with us to learn about the ThreatAlert(R) Security Workbench for reducing the time and cost of continuous monitoring and cATO capabilities.
stackArmor provides FedRAMP, FISMA/RMF, and CMMC/DFARS compliance acceleration services on Amazon Web Services (AWS). stackArmor’s ThreatAlert® Security Platform reduces the time and cost of an ATO by 40%. We serve enterprise customers in Defense, Aerospace, Space, Government, and Healthcare markets as well as ISV’s looking to offer cloud solutions for Government.
Menu
Blog
© stackArmor. All Rights Reserved 2024.
