Security Technical Implementation Guide

DISA Validates Security Technical Implementation Guide (STIG) for Mirantis Kubernetes Engine

Retrieved on: 
Wednesday, April 24, 2024
Defense, Security, Apps, Applications, Technology, Software, Military, Networks, Container, Public sector, Organization, Information, MKE, Department of Defence, DISA, Environment, FedRAMP, Security Technical Implementation Guide, Government, Medical device

Mirantis , providing organizations with total control over their strategic infrastructure using open source software, today announced the Defense Information Systems Agency (DISA) has published and validated the Security Technical Implementation Guide (STIG) for Mirantis Kubernetes Engine (MKE) – also sold as Containers as a Service-Government (CAAS-G) in public sector markets.

Key Points: 
  • Mirantis , providing organizations with total control over their strategic infrastructure using open source software, today announced the Defense Information Systems Agency (DISA) has published and validated the Security Technical Implementation Guide (STIG) for Mirantis Kubernetes Engine (MKE) – also sold as Containers as a Service-Government (CAAS-G) in public sector markets.
  • Future releases of MKE can be quickly validated, and the corresponding STIG updates published by Mirantis – working in cooperation with DISA, who maintains the model STIGs for upstream Kubernetes and the DevSecOps reference design for CNCF Kubernetes .
  • STIG validation is a security review and configuration standard that helps ensure IT products and military agencies are complying with DoD security policies.
  • The STIG for MKE includes technical guidance for establishing a secure software supply chain using the platform.

Rancher Government Solutions and Curtiss-Wright Collaborate to Bring Enterprise-Class Cloud Capabilities to the Tactical Edge

Retrieved on: 
Wednesday, April 17, 2024
Apps, Applications, Technology, Security, Military, Software, Networks, Government Technology, Internet, Data Management, Defense, Channel, PacStar, Curtiss-Wright, RGS, MCM, Unitary state, DISA, Cloud computing, Senior, Security Technical Implementation Guide, HCI, Ranch, RVP, Multimedia, Harvester, Government, Video game

Rancher Government Solutions (RGS), the leading provider of Kubernetes and container management solutions to the U.S. Government, today announced a strategic alliance and reseller agreement with Curtiss-Wright’s Defense Solutions Division .

Key Points: 
  • Rancher Government Solutions (RGS), the leading provider of Kubernetes and container management solutions to the U.S. Government, today announced a strategic alliance and reseller agreement with Curtiss-Wright’s Defense Solutions Division .
  • Working in collaboration, the two companies will bring Kubernetes to the tactical edge, extending the public, private, hybrid, and government cloud, from all leading cloud service providers, to disrupted, disconnected, intermittent and low-bandwidth (DDIL) environments while maintaining stringent U.S. Government Security Regulations.
  • We are very excited to partner with Rancher Government Solutions to bring their secure enterprise-class cloud capabilities hosted on the PacStar® 400-Series platform to the tactical edge for the first time,” said Brian Perry, Senior Vice President and General Manager, Curtiss-Wright Defense Solutions Division.
  • “We look forward to extending our relationship with Rancher Government Solutions to develop edge solutions for our customer base.

Velo3D Sapphire Printers Become the First Metal 3D Printers to Achieve the U.S. Department of Defense’s Green-level STIG Compliance

Retrieved on: 
Tuesday, December 5, 2023
Technology, Military, Other Manufacturing, Steel, Semiconductor, Engineering, Satellite, Government Technology, Automotive Manufacturing, Other Defense, Aerospace, Nanotechnology, Manufacturing, Software, Defense, Hardware, Consumer Electronics, NYSE, SIPRNet, Federation, VLD, NIPRNet, Risk, Blog, Multimedia, Information technology, Security Technical Implementation Guide, ITAR, 3D, Government, Certification, 3D printing, Sapphire

The certification allows Sapphire printers to be connected to the DoD’s Secret Internet Protocol Router Network (SIPRNet) and gives customers the confidence their metal 3D printers are hardened against potential cyberattacks.

Key Points: 
  • The certification allows Sapphire printers to be connected to the DoD’s Secret Internet Protocol Router Network (SIPRNet) and gives customers the confidence their metal 3D printers are hardened against potential cyberattacks.
  • Velo3D printers are compliant with the U.S. Department of Defense’s STIG cybersecurity guidelines, giving customers the confidence their additive manufacturing technology is hardened against cyberattacks and other vulnerabilities.
  • Without STIG compliance, government agencies and contractors using metal 3D printers were required to keep them disconnected from network connections.
  • Current Velo3D customers can easily upgrade their existing Sapphire printers to achieve STIG Green-level security.

Eventide Communications' NexLog DX-FIPS Recorders Achieve JITC Certification

Retrieved on: 
Tuesday, November 14, 2023
DISA, Joint, Defense Information Systems Agency, JITC, Radio, Learning, Multimedia, Security Technical Implementation Guide, Joint Interoperability Test Command, Communication, Eventide, Government, NIST, Certification, Medical device, Defense

"The JITC certification is a testament to our unwavering commitment to delivering secure, reliable, and cutting-edge solutions that meet the highest industry standards," said Brad Basile, COO of Eventide Communications.

Key Points: 
  • "The JITC certification is a testament to our unwavering commitment to delivering secure, reliable, and cutting-edge solutions that meet the highest industry standards," said Brad Basile, COO of Eventide Communications.
  • "Our NexLog DX-FIPS recorders not only meet, but exceed the stringent guidelines set by NIST and the various applicable Security Technical Implementation Guides (STIGs) within."
  • Our JITC-approved recorders are designed with military-grade security and reliability to provide clear, reliable audio capture and advanced data management capabilities.
  • If you are interested in learning more about the advantages of implementing JITC-certified recorders, please visit our JITC landing page or contact our Eventide sales team to request a demo today.

SteelCloud Delivers Cyber Compliance Software to a NATO Ministry of Defense

Retrieved on: 
Wednesday, November 1, 2023
Linux, CIS, Stig, DISA, Defense Information Systems Agency, Defense, United States Department of Defense, Security Technical Implementation Guide, Software, STIG, Medical device, Arms industry

ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software. This is the first expansion of the implementation of ConfigOS into a European defense organization.

Key Points: 
  • ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC , a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software.
  • This is the first expansion of the implementation of ConfigOS into a European defense organization.
  • "The STIGs are the gold standard for cyber hygiene in military computer infrastructures," said Brian Hajost, SteelCloud Chief Operating Officer.
  • The ConfigOS compliance software suite will address hardening and continuous compliance for both Windows and Linux-based computer assets.

SteelCloud Delivers Cyber Compliance Software to a NATO Ministry of Defense

Retrieved on: 
Wednesday, November 1, 2023
Linux, CIS, Stig, DISA, Defense Information Systems Agency, Defense, United States Department of Defense, Security Technical Implementation Guide, Software, STIG, Medical device, Arms industry

ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software. This is the first expansion of the implementation of ConfigOS into a European defense organization.

Key Points: 
  • ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC , a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software.
  • This is the first expansion of the implementation of ConfigOS into a European defense organization.
  • "The STIGs are the gold standard for cyber hygiene in military computer infrastructures," said Brian Hajost, SteelCloud Chief Operating Officer.
  • The ConfigOS compliance software suite will address hardening and continuous compliance for both Windows and Linux-based computer assets.

HITRUST Assurance Program Selected by Health3PT in Alignment with Recommended Practices

Retrieved on: 
Tuesday, September 19, 2023
Security Technical Implementation Guide, PDF, API, Health, R2, Privacy, Information, HITRUST, Organization, Risk, RDS, UPMC, Medical device, Audit, Risk management, Online shopping

FRISCO, Texas, Sept. 19, 2023 /PRNewswire/ -- HITRUST, the information risk management, standards, and certification body, announced that the Health 3rd Party Trust Initiative (Health3PT) has approved HITRUST as the first assurance supplier supporting the Health3PT Recommended Practices & Implementation Guide. The selection of HITRUST is based on HITRUST's alignment with Health3PT's recommended practices for the healthcare industry to meet the challenges of Third-Party Risk Management (TPRM) for vendor cyber risk.

Key Points: 
  • The selection of HITRUST is based on HITRUST's alignment with Health3PT's recommended practices for the healthcare industry to meet the challenges of Third-Party Risk Management (TPRM) for vendor cyber risk.
  • The Health3PT Recommended Practices were created through the collaborative efforts of members of the Health3PT Council.
  • The HITRUST assurance program is designed to efficiently meet the TPRM needs of organizations in the healthcare industry.
  • "The Health3PT Recommended Practices and the HITRUST assurance program together help the healthcare industry better address 3rd party cyber risk.

Agile Defense's DuroSuite Receives Authority to Operate

Retrieved on: 
Thursday, September 7, 2023
Security Technical Implementation Guide, Defense, API, ARCENT, STIG, GUI, SAP Graphical User Interface, Red Hat, DISA, Artifact, Department of Defence, Defense Information Systems Agency, Medical device

RESTON, Va., Sept. 7, 2023 /PRNewswire/ -- Agile Defense, an innovative IT services and solutions provider, announced today that its Security Technical Implementation Guide (STIG) compliance tool DuroSuite, received an official authority to operate (ATO).

Key Points: 
  • RESTON, Va., Sept. 7, 2023 /PRNewswire/ -- Agile Defense, an innovative IT services and solutions provider, announced today that its Security Technical Implementation Guide (STIG) compliance tool DuroSuite, received an official authority to operate (ATO).
  • DuroSuite enables users to audit and remediate vulnerabilities to ensure cybersecurity standards are maintained in accordance with Defense Information Systems Agency (DISA) requirements.
  • DuroSuite also generates eMASS-ready checklist artifacts within minutes, overall synthesizing hours of complex work into a streamlined, repeatable process.
  • "DuroSuite accomplishes in minutes what it would take an individual over 60-man hours to accomplish," said Agile Defense customer ARCENT ITSS.

U.S. Army Selects BackBox to Automate Multi-Vendor Network Environment

Retrieved on: 
Tuesday, August 29, 2023
Benchmark, Stig, Defense, OS, BackBox, Intelligence, Automation, STIG, Government, Security, Network administrator, Security Technical Implementation Guide, United States Department of the Army, DISA, United States Department of the Air Force, SIPR, NIPR, Department of Defence, Defense Information Systems Agency, Medical device, Mobile phone, DALLAS

DALLAS, Aug. 29, 2023 /PRNewswire/ -- BackBox, the world's most trusted network automation company, today announced the U.S. Army selected BackBox's Network Automation Platform to automate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) compliance of their multivendor network environment. BackBox integrates with all major network monitoring platforms and has added new features to enable customers to easily migrate from less sophisticated network automation tools to BackBox.

Key Points: 
  • BackBox automates DISA STIG compliance, saving network administrators from more than 90 manual configuration steps
    DALLAS, Aug. 29, 2023 /PRNewswire/ -- BackBox , the world's most trusted network automation company, today announced the U.S. Army selected BackBox's Network Automation Platform to automate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) compliance of their multivendor network environment.
  • BackBox integrates with all major network monitoring platforms and has added new features to enable customers to easily migrate from less sophisticated network automation tools to BackBox.
  • The BackBox Network Automation Platform supports centralized automation of firewalls and network devices from hundreds of vendors.
  • BackBox was named Best Network Automation Solution in the Centralized Multi Vendor category in the 2022 'ASTORS' Homeland Security Awards.

BARR Advisory Releases Exclusive Resources on Healthcare Compliance

Retrieved on: 
Tuesday, August 15, 2023
Security Technical Implementation Guide, Partnership, ISO/IEC, R2, BARR, SOC, Certification, HITRUST, Organization, Standards and Recommended Practices, SOC 2, Growth, CSF, Medical device, Audit, Financial services, Risk management

KANSAS CITY, Mo., Aug. 15, 2023 /PRNewswire/ -- BARR Advisory has released a pair of exclusive resources for healthcare organizations aiming to improve their security postures and better manage third-party risk.

Key Points: 
  • The cybersecurity and compliance solutions firm dives deep into HITRUST assessments and the partnership between HITRUST and Health3PT in a series of new, exclusive resources.
  • KANSAS CITY, Mo., Aug. 15, 2023 /PRNewswire/ -- BARR Advisory has released a pair of exclusive resources for healthcare organizations aiming to improve their security postures and better manage third-party risk.
  • "Regardless of where your organization is in its HITRUST journey, our team at BARR Advisory is ready to help."
  • Steve Ryan, BARR's attest services manager specializing in healthcare compliance, echoes that sentiment in the latest installment of the firm's cyBARR Chats series.