Compliance Acceleration for DFARS and CMMC
By using AWS FedRAMP accredited cloud services, stackArmor provides an integrated continuous monitoring and compliance solution that includes (1) technical controls, (2) systems security plan documentation, and (3) managed services. ISV’s, SaaS providers, Federal Agencies and Government Contractors can dramatically reduce the cost of delivering a FedRAMP, FISMA, or DFARS compliant environment using stackArmor ThreatAlert®.
stackArmor ThreatAlert® system provides security for coverage for CUI mapping to CMMC Level 3 through Level 5. The infographic below provides a high-level overview of our solution.
The platform is deployed “in-boundary” through the stackArmor ThreatAlert® Security Account and delivered as a fully managed service ensuring that all customer data stays within their account. The solution offers a number of integrations and services out of the box including:
- “In-boundary” deployment of a dedicated enclave for hosting CUI
- CMMC compliance documentation with security control descriptions, plans, and procedures
- Continuous Monitoring and Managed Compliance Services
- End to end strategic advisory including CMMC compliance strategy, multi-tenancy architecture, and augmentation support
- The vetted solution as part of the ATO on AWS program and AWS Consulting Offer Marketplace
- Compliant with DOD requirements such as DISA STIG’s, FIPS and CIS Benchmarks
The ThreatAlert® solution includes the following components:
- ThreatAlert® Gov Landing Zone provides a dedicated authorization boundary with the ability to host multiple applications and meet stringent CUI processing requirements. Learn more.
- ThreatAlert® Security Platform delivers a comprehensive suite of security services mapped to DFARS and CMMC requirements including SIEM, MFA, Vulnerability Management, Web Application Scanning, Incident Management, and DevSecOps integration. The architecture is based on a landing zone pattern that delivers common security and management services and serves as a Cloud GSS (General Support System). The services include a comprehensive auditable events dashboard, alerting and reporting for continuous monitoring and reporting, and a Cloud Log Aggregation Warehouse (CLAW) for centralized log collection, correlation analysis, and threat detection. Learn more.
- ThreatAlert® Compliance Docs is the included documentation package that with policies, procedures and plans such as System Security Plan (SSP), Continuous Monitoring Plan, Incident Response Plan, Configuration Management, and associated appendices in compliance with FedRAMP, DOD CC SRG and CMMC requirements and templates.
- ThreatAlert® Con Mon and Managed Services provides continuous monitoring, reporting, alerting, and compliance services as per FedRAMP requirements. The Continuous Monitoring and Managed Security Services are delivered based on required SLA’s for meeting daily, weekly, monthly, quarterly, and annual activities as required by DFARS and CMMC. Learn more.
Have questions about CMMC compliance requirements? Submit the form below to learn more about how ThreatAlert® can help reduce the time and cost of your CMMC project by 40%.