Tag Archives: Security Technical Implementation Guide

DoD Adds Over 50 Fortinet Security Fabric Platforms to Approved Products List; Bob Fortna Quoted

Fortinet has received a Defense Department certification that allows the company to offer additional security platforms to DoD agencies to meet their cybersecurity requirements. The company said Thursday more than 50 additional Fortinet Security Fabric offerings were added to the DoD Information Network Approved Products List following the completion of …

Read More »

Crunchy Data Unveils Open Source Security Compliance Automation Platform

Crunchy Data has unveiled an open source project with the goal to help agencies automate compliance with the Defense Department‘s security standards dubbed Security Technical Implementation Guide. The company said Tuesday it developed the PostgreSQL STIG Automation project to support the National Geospatial-Intelligence Agency‘s efforts to accelerate the authority-to-operate certification process for cloud platforms. …

Read More »

Metronome-MobileIron Team Secures DHS SBIR Grant to Develop Mobile Security Tech

A MobileIron–Metronome Software team has received a $749,930 grant from the Department of Homeland Security‘s Science and Technology Directorate to develop technology for first responders to secure mobile device-based sensor systems. Both companies will work to create a security overlay designed to comply with security and data provenance requirements under the Next Generation …

Read More »

DOE Taps SteelCloud to Provide Security Compliance Automation Tool

SteelCloud has received a contract from the Energy Department to provide a remediation platform designed to automate compliance of applications and deployed data infrastructure with the Security Technical Implementation Guide. The company said Thursday ConfigOS works to scan endpoint platforms against STIG controls within a minute and remediate endpoints within 90 seconds. Brian …

Read More »

GSA Adds Crunchy Data’s PostgreSQL Enterprise Support, Professional Services to Schedule 70

Crunchy Data has secured a position on the General Services Administration‘s Information Technology Schedule 70 contract vehicle to offer open-source database enterprise and engineering support and professional services to the federal government. The company said Wednesday that its five-year contract with the GSA includes the PostgreSQL Professional Services and the PostgreSQL Secure Enterprise Support that will provide  government customers …

Read More »

DISA Updates VMware vSphere STIG to Add Software-Defined Storage Platform; Bill Rowan Comments

The Defense Information Systems Agency has updated its Security Technical Implementation Guide for VMware’s vSphere offering to include the company’s hyper-converged infrastructure platform. DISA’s upgraded STIG seeks to offer cybersecurity policies and guide agencies on how to install the VMware vSAN HCI system in Defense Department-run networks in compliance with the department’s …

Read More »

SteelCloud to Support DoD Windows 10 Deployment Through STIG Compliance Platform

SteelCloud has received a contract from a Defense Department component to provide a security compliance automation platform to support DoD’s deployment of the Windows 10 operating system. The company said Thursday its ConfigOS platform is designed to automate compliance with the Security Technical Implementation Guide as well as support Risk Management Framework accreditation. …

Read More »

DISA Issues Security Technical Implementation Guide for Crunchy Data’s PostgreSQL Database

The Defense Information Systems Agency has released a Security Technical Implementation Guide for Crunchy Data Solutions‘ relational database management platform. DISA’s STIG for Crunchy Data’s PostgreSQL database seeks to guide agencies on how to field the database platform in government-run networks in compliance with the Defense Department’s security requirements, the company said Thursday. PostgreSQL is an open-source …

Read More »

Red Hat Gets NIST Certification for Open-Source Security Compliance Scanner

The National Institute of Standards and Technology has approved Red Hat‘s open-source security content automation protocol scanner for deployment on the U.S. government’s Enterprise Linux 6 and 7-based systems. Red Hat said Friday that NIST certified the OpenSCAP 1.2 platform’s capacity to analyze and evaluate security automation content as well as address functionality and documentation requirements in …

Read More »

Navy Chooses SteelCloud Platform to Automate STIG Compliance Process

A U.S. Navy component has awarded SteelCloud a contract through the General Services Administration‘s Schedule 70 procurement vehicle to supply the military branch with a security compliance automation platform. The company said Thursday it will provide its ConfigOS platform to the Navy in an effort to help automate the Security Technical Implementation Guide remediation process and support Risk Management Framework accreditation for …

Read More »

Bill Rowan: DISA Issues Security Technical Implementation Guide for VMware Mobility Mgmt Platform

The Defense Information Systems Agency has released a Security Technical Implementation Guide for the latest version of VMware’s enterprise mobility management platform. DISA’s STIG for VMware AirWatch 9.X seeks to provide cybersecurity policies and guide agencies on how to install the platform for use on Defense Department-run networks, the company said Thursday. Bill Rowan, vice president of …

Read More »

DISA Releases VMware NSX Security Technical Implementation Guide for DoD Network; Bill Rowan Comments

The Defense Information Systems Agency has released a Security Technical Implementation Guide for VMware‘s NSX software-defined networking platform to verify the technology’s compliance with security requirements for installation on Defense Department networks. VMware said Monday STIG confirms that the NSX implementation follows DoD cybersecurity policies, standards, architectures, security controls and validation procedures, as well as applies NIST SP …

Read More »

DISA Grants STIG Certification to MobileIron Security Platform; Barry Mainz Comments

The Defense Information Systems Agency has issued its Security Technical Implementation Guide approval to a MobileIron-built mobile device management platform for deployment at the Defense Department. DISA cleared the MobileIron Core platform for use on iOS and Android devices in certain DoD-run networks, the company said Thursday. “The DoD Mobile Device Strategy encourages a highly mobile workforce for …

Read More »