compliance to enable security - qmulos · · 2016-08-02compliance to enable security ... ,...
TRANSCRIPT
Compliance to Enable Security – Q-Compliance Automated Compliance based on 800-53r4 ©2015 Qmulos, LLC. All rights reserved.
Q-COMPLIANCE
Compliance to Enable Security
Organizationswillimmediatelynoticeadecreaseinlaborhoursinrespondingorgatheringdata,whichpreviouslyrequiredmoremanualmeansofcompilation.Q-Compliancegeneratescompliancereports,securitypostures,andscoresinanumberofways,providingforafocusedviewofyourcompliancemonitoringefforts.
AsacompletesolutionbasedontheNISTSP800-53r4ControlsCatalogue,itsupportsusecasesforFISMAcompliance,DoD/ICadoptionofRMF,defensecontractorsseekingDFARcompliancewithNISTSP800-171,aswellas publicandprivatesectorentitiesusingtheNISTRiskManagementFramework.
OurSolution:
ShowsauditorsauditableevidencebasedonSP800-53r4,aswellasNISTCybersecurityFrameworkandSANSCriticalControlsstandards.ForthosewithrobustSplunkdeployment,thereisminimalsetupandnoneedtomodifydatafeeds.
Utilizesaflexiblearchitecturethatensuresthatallofyourcompliancedatawillbecollected,correlated,andanalyzedtoderivecompliancemetricsandpostures.
AchievesmaximumefficiencybytreatingyourexistingSplunkinfrastructureastheauditingevidencerepository,leveragingSplunk’srobustdatacapabilitiestoprovideabsoluteenvironmentalcontext.
Providestheauditorwithacentralizedlocationforpolicystatements,configurationsettings,andtheassociateddata,expeditingtheauditprocess,savingorganizationsvaluabletimeandresources.
Q-Complianceenablesanalyststoidentifyareasofinadequatecompliance,isolateconfigurationsettingsthatneedtobeimplementedtoachievecompliance,andverifycompliancethroughdataanalysis.Eachcontrolhasapagededicatedtoitscompliance,providingevidenceofimplementationandstatus.
QmulosisproudtoreleasethemostadvancedandcompleteQ-
complianceapplicationcurrentlyinthemarket.UtilizingSplunk,QmulosEnterpriseCompliance(Q-Compliance)aggregatesandnormalizesrelevantcontroldata,creatingdashboardsandeasilyreferencedlinksbetweenpolicystatements,configurablesettings,andlogdata.
Complianceisbuilt onSplunk® Enterprise
Compliance to Enable Security – Q-Compliance Automated Compliance based on 800-53r4 ©2016 Qmulos, LLC. All rights reserved.
2
EXECUTIVE OVERVIEW
• Produces organizational compliance scoresandtrendswhileofferingdrill-downviewstoidentifytroublespots
• Uses built-in scoring methodology that canbe adjusted based on excepted andinheritedcontrols
ENTERPRISE OPPORTUNITIES • Provides snapshot of compliance scores
grouped into five enterprise solutiondomains: vulnerability management,hardware assetmanagement, software assetmanagement, configuration management,andenterpriseaudit
• Facilitates investment decisions whenidentifying product categories that will raisecompliancescores
COMPLIANCE OVERVIEW DASHBOARDS • Relies on innovative visualizations and drill-down
views that enable auditors and analysts to quicklylinkcontrolstosupportingevidence
• Monitors compliance at the organization, system,control family, or control level through interactivedashboards
Security is hard; compliance shouldn’t be. [email protected],visitwww.qmulos.com,orcall1-844-476-8567formoreinformationortoscheduleanon-sitedemo.