We are seeing tremendous interest from the commercial sector for our products, especially from the more cyber conscious sectors focused on a Risk Management approach to security. Our Enterprise Compliance App is relevant for any organization that takes cybersecurity seriously. The App provides automated compliance assessments against NIST SP 800-53r4 (the most complete standard in the world) and the NIST Risk Management Framework. On top of this, we also provide capabilities to enable organizations to measure themselves against other frameworks. Here are some examples of other frameworks and mappings we cover: NIST Cybersecurity Framework, NIST SP 800-171 (DFAR for CUA), DOJ CJIS, SANS, CIS Critical Controls, HIPAA, NERC CIP, NYSE Cyber Guide, HITRUST, and many more.
Simply put, yes. The tools that come with CDM include many point solutions that our App leverages for IT risk management and compliance purposes. The CDM tools they include, while valuable, do not provide the same functionality and scalability as the combination of our Apps on top of Splunk. The good news is that many CDM deployments come with at least some Splunk licenses!
The Qmulos Enterprise Audit App is a pre-defined “Gold-Standard Policy” of what you should audit on your network including the built-in ability to monitor it. The App is based on an Intelligence Community Standard that few Auditors will dispute. Q-Audit provides additional features that supports compliance efforts, and also informs Security Operations and Insider Threat/Fraud detection efforts. This is the “must have” foundational analytics app for insider threat programs, shared service, hosting, and FedRamp environments.
Compliance on top of Splunk enables real security, and provides a complete view of compliance, including live operational data right from your networks and devices.
Additionally, there is a tremendous ROI and time-to-value for multiple use cases on the same Splunk platform. Collect data once, and use it for a variety of purposes, including compliance, security operations, investigations, insider threat, IT operations, business system analytics, and more.
Compared to Legacy IT GRC tools that focus mainly on static, paper-based compliance information, Qmulos apps provide real value and secure decisions, every time, at real time.
Latest Press Release
- Integrating Machine and Human Workflows for Compliance AutomationAugust 1, 2019 - 11:09 am
Figure 1: System Continuous Monitoring Let’s walk through a short example. In Figure 1, we see that the “CM-08 Information System Component Inventory” control is failing. Using Splunk’s alerting workflows in conjunction with an extensive library of prebuilt compliance analytics from Q-Compliance (shown in Figure 2), we have detected that there are unauthorized software installations on the devices in […]
- The Data-Driven Strategy to Compliance and Cyber HygieneJuly 29, 2019 - 4:12 pm
Qmulos CEO and Founder, Matt Coose, along with Dr. Ron Ross, NIST Fellow, will host a discussion on compliance and risk management frameworks, and how the right data-driven approach can help organizations go beyond meeting regulatory requirements and provide a foundation for a robust security posture. While compliance efforts are mandated and top-of-mind across government […]
- MindShare Selects Qmulos’ Matt Coose for its 2019 CohortMay 23, 2019 - 5:06 pm