Arlington VA – September 25, 2017 – Qmulos, a Splunk Technology Alliance Partner, today announced the Fall 2017 release of Qmulos Enterprise Compliance (Q-Compliance) to help customers streamline and automate IT compliance activities in alignment with the NIST Risk Management Framework (RMF).
Designed to automate, integrate, and provide continuous monitoring of all categories of security controls, the solution includes support for all four types of IT compliance evidence (Policies & Procedures, Human Activity, Technical, and Ad-Hoc Queries), built on the Splunk® platform.
Q-Compliance leverages the Splunk platform to transform compliance activities into actionable security value, connecting previously siloed compliance and security functions towards a common goal. Qmulos Enterprise Compliance helps users of Splunk Enterprise uncover the value of compliance automation. Qmulos’s compliance experts will be at Splunk .conf2017 in Booth G6 to demo the solution, and an online preview is available here.
Highlights of the solution include:
- Unlimited Multi-Tiered Organization Hierarchies
- Support for System and Enterprise Level Risk Management Assessments derived from SCAP (Security Content Automation Protocol) validated tools
- Out-of-the-box and custom overlay development templates
- Integrated POAM management support
- Role-based dashboards for executives, ISSOs, and compliance staff
- “Measure once, Report Many” for leading Frameworks – support for reporting against frameworks and mandates to include NIST SP 800-53r4 Control Instrumentation, NIST RMF and CSF automation, HIPAA, DFAR CUI (NIST SP 800-171) Requirements, SANS/CAG 20 Critical Controls, FedRAMP, CJIS, and others.
“IT Audit and Compliance automation is an investment that pays for itself, not only in savings, but in improving a customer’s actual security posture,” said Matt Coose, CEO and founder of Qmulos. “Leveraging the Splunk platform enables IT data to be repurposed for compliance and audit use cases, cybersecurity investigations, and even preparing board-level presentations, enabling enterprises to more easily gain value from their data.”
“As organizations continue to undergo digital transformations, it’s important to leverage the data needed for security and compliance to deliver business insights, automation controls and value to the boardroom,” said Haiyan Song, senior vice president and general manager of Security Markets, Splunk. “Qmulos is a great example of a Splunk partner providing unique compliance expertise to enable that capability for our mutual customers.”
“By 2020, 100 percent of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is up from today’s 40 percent,” noted Gartner in the March 2016 report How to Build an Effective Cybersecurity and Technology Risk Presentation for Your Board of Directors by Paul Proctor, Jeffrey Wheatman, and Rob McMillan.