Q-Compliance

Q-Compliance, powered by Splunk, is the next generation compliance monitoring and assessment suite. It combines real-time monitoring of your systems’ machine data with the context and workflows of an Integrated Risk Management (IRM) tool. As the most complete solution on the market based on the NIST Risk Management Framework (RMF) and NIST SP 800-53 Revision 4, with real time control monitoring on the Splunk platform. Need to provide metrics and results for CIS Top 20 Controls, FedRamp, or DFAR (171)? We have out of the box support, and include updates as the mandates and policies are updated!

Q-Compliance meets needs for every stakeholder:

  • CISO, Executives, and Board Members

    All Corporate and LOB Executives gain insight to their organization’s compliance posture and trends with the same metrics.  Includes out of the box support for the Framework for Improving Critical Infrastructure Cybersecurity (the Framework) from NIST.

  • InfoSec Teams and System Owners

    Operational teams monitor common metrics of security & compliance, by control and families, and receive alerts

  • Compliance Analysts and Auditors

    Evidence pages for each control for all classes of evidence, with realtime monitoring of tech controls and proof of human review.

We handle big data that our competitors can’t:

  • Streamed Audit logs

    Logs from your domain controllers, hosts, agents, network devices, scanners, and much more

  • Asset inventories and configurations

    Ingest asset inventories and system configs from your enterprise tools, based upon industry standards (SCAP)

  • Authoritative User Action Records

    Identity Access and Online Systems such as Active Directory, LDAP, Human Resource and training systems

Q-Compliance Video Demo