• "Is your Enterprise Compliance App relevant for the commercial sector?"

    Absolutely!

    We are seeing tremendous interest from the commercial sector for our products, especially from the more cyber conscious sectors focused on a Risk Management approach to security.  Our Enterprise Compliance App is relevant for any organization that takes cybersecurity seriously.  The App provides automated compliance assessments against NIST SP 800-53r4 (the most complete standard in the world) and the NIST Risk Management Framework.   On top of this, we also provide capabilities to enable organizations to measure themselves against other frameworks.  Here are some examples of other frameworks and mappings we cover:  NIST Cybersecurity Framework, NIST SP 800-171 (DFAR for CUA), DOJ CJIS, SANS, CIS Critical Controls, HIPAA, NERC CIP, NYSE Cyber Guide, HITRUST, and many more.

  • "I‘m a Federal Customer, do I still need your Apps if I’m getting free tools from CDM?"

    Simply put, yes.  The tools that come with CDM include many point solutions that our App leverages for IT risk management and compliance purposes.  The CDM tools they include, while valuable, do not provide the same functionality and scalability as the combination of our Apps on top of Splunk.  The good news is that many CDM deployments come with at least some Splunk licenses!

  • "Why do I need the Enterprise Audit App?"

    The Qmulos Enterprise Audit App is a pre-defined “Gold-Standard Policy” of what you should audit on your network including the built-in ability to monitor it.  The App is based on an Intelligence Community Standard that few Auditors will dispute. Q-Audit provides additional features that supports compliance efforts, and also informs Security Operations and Insider Threat/Fraud detection efforts.  This is the “must have” foundational analytics app for insider threat programs, shared service, hosting, and FedRamp environments.

  • "Why should I deploy compliance tools on top of Splunk?"

    Compliance on top of Splunk enables real security, and provides a complete view of compliance, including live operational data right from your networks and devices.

    Additionally, there is a tremendous ROI and time-to-value for multiple use cases on the same Splunk platform.  Collect data once, and use it for a variety of purposes, including compliance, security operations, investigations, insider threat, IT operations, business system analytics, and more.

    Compared to Legacy IT GRC tools that focus mainly on static, paper-based compliance information, Qmulos apps provide real value and secure decisions, every time, at real time.