Qmulos is pleased to announce the general availability of Q-Compliance V4.4.0 and Q-Audit V3.7.0. These versions add capabilities to customize the approval process for system authorizations, i.e., Step 5 of the RMF; generate and export continuous monitoring (ConMon) reports for external auditors; and streamline alert investigations through enhancements to the Q-Audit alert dashboard and workflows.
Customizable Processes for System Authorization
Qmulos revolutionizes the Risk Management Framework (RMF) process by offering a data-driven approach that significantly streamlines and enhances the system authorization process. Unlike traditional methods that rely on extensive and often outdated documentation, our solution provides near-real-time information, enabling authorizing officials to make informed decisions based on the current state of the system. This approach eliminates the need for laborious hours of manual review by leveraging quantitative system data that is consistently updated.
Recognizing the differences in approval chains and the individuals involved in the Authorization to Operate (ATO) process across organization, Qmulos has updated the System Authorization dashboard and workflow to be customizable for each customer. These enhancements allow users to define approval chains with any number of steps and stakeholders and execute those workflows dynamically on the System Authorization dashboard. Now the ATO process can require reviews from multiple roles of your choice, ensuring a comprehensive evaluation before the authorizing official makes the final decision.
Regardless of your role in the approval process, the System Authorization dashboard enables you to visualize the approval chain and monitor the workflow’s progress. Stay informed by choosing to “watch” the approval, receiving email notifications for any updates or changes in the workflow.
Generating ConMon Reports
Qmulos is at the forefront of facilitating Continuous Monitoring (ConMon) processes, aligning with the objectives outlined in NIST SP 800-37’s Monitor step. As defined, the goal is to “maintain an ongoing situational awareness about the security and privacy posture of the information system and the organization in support of risk management decisions.” Qmulos has been consistently delivering on this objective by providing customers with continuous visibility into their system’s security posture through our System Continuous Monitoring dashboard in Q-Compliance.
To substantiate the effectiveness of your continuous monitoring strategy, Qmulos empowers users to export ConMon control data into a Microsoft Excel spreadsheet directly from the System Continuous Monitoring dashboard. This comprehensive report encompasses human activity, assessments, implementations, and other control records, offering a detailed account that serves as crucial evidence for auditors of an effective continuous monitoring strategy implemented within your system. Users can further customize the report by filtering it based on specific time ranges, monitoring frequencies, or configuring it to display ConMon data at the Common Control Identifier (CCI) level.
Streamlining Alert Investigations in Q-Audit
In this latest release of Q-Audit, Qmulos has improved the process of alert investigations through enhanced dashboard features and seamless ticketing integration. Now, users can gain deeper insights into triggered alerts by accessing the search query and raw results that led to the alert activation, facilitating informed assessments of potential threats. Rather than permanently deleting alerts, our system introduces an “acknowledgment” feature, preserving them as historical data in Q-Audit. Information System Security Officers (ISSOs) can leverage this to track past investigations, understanding who, when, and why alerts were acknowledged, enhancing transparency in the investigative process.
For a more collaborative approach to investigations, the integration of a ticketing system allows users to delegate alert analyses efficiently. Creating tickets directly on the Attributable Event Alerts dashboard streamlines the process, enabling users to tie one or multiple alerts to a single ticket for comprehensive investigation. The convenience doesn’t end there—automated ticket creation is available through our existing alert action, simplifying the workflow. Users can also make real-time edits, such as reassignment or status changes, directly within the Attributable Event Alerts dashboard. For a holistic view and further actions, users can seamlessly transition from the Attributable Event Alerts dashboard to the Qmulos Ticketing System (Q-Ticket 1.0.0 or above) app, ensuring a unified and efficient experience in managing and resolving security incidents.