- Dark mode
- Support for the Department of Defense’s Cyber Security Maturity Model
- Data Sources Dashboards
- Automatic POAM creation
Read on for more details on each of these key features …
Dark Mode
As you can see from the screenshots, Q-Compliance now has a configurable dark mode option to make things easier on the eyes of our nocturnal security brethren. Yes, it took a while, but we’ve had a lot of other important features to build, i.e. features that actually streamline compliance and add security value. In any case, we think that once you see it, you’ll agree that it has been worth the wait.
Support for the DoD CMMC
Data Sources DashboardsYou’ve been asking and now we’ve delivered! People who have been awed by our demos have always asked what specific data sources (i.e. cyber security tools) do they need to have integrated with Splunk to light up the control dashboards and take advantage of Q-Compliance’s automation capabilities. While we’ve always had documentation that listed the required data sources, we thought it would be even cooler to have dashboards directly in the app to provide this information. So our security and compliance research team has been hard at work researching the most common tools that are used to implement the NIST security controls and we’ve taken the results of that to populate new Data Sources Dashboards in the app that lists specific vendors and products that are relevant for each control. The list of cyber security tools is almost endless so this content will be regularly updated with each release of Q-Compliance.
Automatic POA&M Creation
Plans of Actions and Milestones (POA&Ms) – don’t we all love them?! Regardless of how you feel about POAMs, they are how compliance findings are documented and tracked to ensure that they eventually get fixed and we’ve added a new feature that should make your lives a little easier when dealing with POA&Ms. This feature is a Splunk custom alert action that will allow you to automatically create a POA&M whenever any Splunk alert triggers. Think about all the POAMs you’ve had to create for each unpatched asset every time you run a vulnerability scan. Well now you can automate that by simply creating an alert using the analytics we have for the RA-05 Vulnerability Scanning control and adding the POA&M alert action.
There are many other features and enhancements in Q-Compliance V3.2 that we can’t list them all in one blog post. If you want more details on any of the features we’ve just described or want to find out about other updates in this release, please contact sales@qmulos.com, one of our valuable partners, or visit www.qmulos.com for more information.