stackArmor ThreatAlert ConMon and ATO Accelerator
ThreatAlert® is a compliance accelerator for FedRAMP, FISMA/RMF and CMMC accreditation on AWS and AWS GovCloud. The cloud security general security system (GSS) maps to NIST SP 800-53 security controls for FedRAMP High, Moderate, Low and DOD CC SRG IL-2, IL-4 or IL-5 baselines including for handling CUI. stackArmor ThreatAlert offers flexible deployment models including an “in-boundary” installation that ensures that security data does not leave the system boundary. This deployment model is especially useful for FedRAMP, FISMA and DFARS compliance use cases and does not require access to the AWS console.
Key features of the stackArmor ThreatAlert® solution include:
- “In-boundary” deployment of FedRAMP, FISMA/RMF, CMMC compliant security services
- ATO compliance documentation with security control descriptions, plans and procedures
- Continuous Monitoring and Managed Compliance Services
- End to end strategic advisory including FedRAMP compliance strategy, multi-tenancy architecture and augmentation support
- Vetted solution as part of the ATO on AWS program and AWS Consulting Offer Marketplace
- Compliant with security standards including CIS Benchmarks, FIPS 140-2, OWASP, FedRAMP and CMMC
The ThreatAlert® solution provides a flexible and extensible accelerator for continuous monitoring, cybersecurity vulnerability assessment and compliance reporting. Key use cases supported by stackArmor ThreatAlert™ include:
- FedRAMP P-ATO Acceleration for Startups, ISV’s, Small Businesses and Commercial organizations requiring to meet FedRAMP Low, Moderate, High or DOD CC SRG IL-2, IL-4 or IL-5 baselines. Click here to request a free briefing.
- FISMA/RMF ATO Acceleration for Government Program Managers migrating applications to AWS or AWS GovCloud and requiring security services, controls and SA&A package for Authority To Operate (ATO). Click here to schedule a free capability briefing and let us show you how we helped Department of Education’s MyFAFSA system obtain an ATO in less than 60 days.
- CMMC Level 3 and Level 5 compliance for Government contractors, Educational institutions and Federally funded organizations requiring backoffice hosting, communication & collaboration services . Click here to schedule a free briefing on how we have helped a number of small businesses and large contractors get ready for CMMC with ThreatAlert®.
In addition to our primary use cases, we also support PCI-DSS, HIPAA and SOC2 compliant environments for security focused organizations looking to implement security best practices and protecting their data. Schedule a free consultation to see if we can perform cybersecurity risk assessment, penetration testing or vulnerability scans for your system.
The stackArmor ThreatAlert® can be deployed as a stand-alone security operations solution or can be combined with some of our other accelerators for systems operations and compliance reporting. The stackArmor Cybersecurity Platform includes all of our security and cloud governance modules that include:
- Cybersecurity Services: Our Cloud Security System includes a comprehensive suite of services that augment AWS native services. Typical security services included are SIEM, Intrusion Detection, Intrusion Prevention, Host-based Security Services, Vulnerability Scanning and Privileged Access Management, Incident Management and Continuous Monitoring & Alerting among others.
- Documentation Services: Compliance with FedRAMP, FISMA/RMF or CMMC requires the creation of policies, procedures and plans that map to the 17 control families and practices. We provide plans like the System Security Plan (SSP), Continuous Monitoring Plan, as well as procedures and control implementation description in FedRAMP PMO prescribed templates with pre-filled content for reducing the compliance burden.
- Continuous Monitoring Services: We provide security logging, monitoring and alerting with a predefined auditable events library, dashboard and report structure that is optimized for Windows, Linux and Serverless components and meet FedRAMP Continuous Monitoring controls. Our continuous monitoring is performed “in-boundary” wherein the security data is co-located in the customers’ account thereby making the ATO assessment easier. The data is collected, stored and processed in our Cloud Log Aggregation Warehouse (CLAW).
- Licensing Services: We provide streamlined AWS, security software and management services for all of the 18 security services including value-added reseller discounts. You only get a single consolidated ThreatAlert® bill.
- AWS Engineering and Augmentation Services: We are a full-service AWS architecture, migration and managed services solutions provider and are able to augment our customers’ teams to help meet surge needs or address skills gaps. We offer flexible pricing models including T&M or FFP.
Please feel free to contact us and schedule a free demo of ThreatAlert®. It is a fully vetted solution optimized to reduce the time and cost of FedRAMP, FISMA/RMF and CMMC compliance. The solution is deployed using the AWS Landing Zone pattern within a customers’ master account and supports multiple workloads and enclaves.
Benefits of ThreatAlert® ATO and ConMon Acceleration Service
Agile deployment of security and monitoring services
ThreatAlert® is deployed “in-boundary” using Infrastructure-as-Code (IaC) automation and includes rapid installation, configuration and integration with tenant application, data and user services. All security services for SIEM, IDS/IPS, VPN, Anti-Virus, HBSS, Vulnerability Scanning, MFA and Monitoring are are deployed in a single sprint and help save time and money in expensive engineering services. This is especially important when meeting tight assessment deadlines and contract milestones.
40% reduction in cost with integrated security package
Our unique ATO accelerator provides a “pre-fab” security stack that is accompanied with the complete set of documentation templates with pre-filled security control descriptions. We are the only ATO acceleration solution provider that transparently shares the controls matrix meeting more than 60% of the controls for FedRAMP, DOD CC SRG and CMMC compliance.
Post-ATO support and managed services
Post-ATO continuous monitoring, POAM reporting and managed services support delivered as an integrated package with flexibility and customization of roles & responsibilities tailored to client requirements. This includes tailored ConMon reports developed from the ThreatAlert® Cloud Log Aggregration Warehouse (CLAW).
Tailored Delivery Model
ThreatAlert® is uniquely designed to provide a comprehensive and tailored service that accommodates specific client requirements around tools, integrations and hybrid team models. The service includes the entire range of FedRAMP advisory services and is priced as well as delivered in modular components that allows the customer to pick and choose specific components that best meet their needs. Further, we provide highly simplified and streamlined pricing based on micro, small, medium or large environments that includes virtual machines, containers or serverless components. Contact us to schedule a free consultation and see if we can assist in your FedRAMP ATO acceleration efforts.
The pricing model is flexible and is based on the size of the environment as follows:
- stackArmor Security and Compliance Platform (Dedicated Deployment Model)
- Full-stack alerting and monitoring Small environment with less than 25 instances : $96,000 Annual Subscription
- Full-stack alerting and monitoring Medium environment with between 25-50 instances : $192,000 Annual Subscription
- Please send us an email to solutions at stackArmor dot com for large environments.
- stackArmor Security and Compliance Platform (Shared Deployment Model)
- Full-stack alerting and monitoring Small environment with less than 25 instances : Annual Subscription benchmarked to AWS spend.
- Full-stack alerting and monitoring Medium environment with between 25-100 instances : Annual Subscription benchmarked to AWS spend.
- Please send us an email to solutions at stackArmor dot com for large environments.
Accelerating FedRAMP, FISMA or CMMC ATOs with a Cloud GSS
Contact Us for Free Consultation
Learn more about ThreatAlert® and contact us for a free consultation and ask for sample reports. Fill out form to contact a stackArmor Cybersecurity Specialist.
Vulnerability Management and Penetration Testing on AWS Cloud