Feature Highlight: Automatic System Security Plan (SSP) Generation! Want to avoid spending time doing paperwork? Hopefully this can save you hours, if not days and weeks. With Q-Compliance, generating an SSP is as easy as clicking a button. Here’s how. Simply navigate to the System Action Page and click the Generate New SSP button.
Within seconds, a new link appears in the SSP Reports table showing the date/time of creation and who created it. From there, simply click on the link to view your up to the minute SSP report in MS Word format.
After that, within the report you will see various attributes of the system which you can customize to capture the information you want to see. In this case, we have added items like system owner, risk level, ISSO, and authorizing official. You will also find a full, dynamically generated, list of the hardware inventory comprising the system.
A list of all authorized software:
A list of any blacklisted software:
Additionally, the report includes all relevant information for every applicable control. For instance, audit, assessment, and monitoring frequency, type of control, provider (if any), justification, last audit and assessment date, reviewer, status, and findings, and the detailed control requirements to include defined ODPs, supplemental guidance and implementation statements.
In conclusion, generating an automatic System Security Plan has never been easier with Qmulos and Splunk. Of course, the data in the SSP is only as good as the data ingesting through Splunk. But, as Splunk is the best at ingesting data, this should not be an issue. Qmulos gives the ingested data, true security context. If you’d like to learn more about how Qmulos is reinventing real-time continuous monitoring, and how your organization can generate an automatic System Security Plan, please fill out the form on the right and we can give you more information!