SCAP Compliance simplified using Qmulos and Splunk

January 13, 2021

As part of our Q-Compliance solution, Qmulos has the industry’s only custom input for Splunk that will parse and ingest the National Institute of Standards and Technology’s (NIST) Security Content Automation Protocol’s (SCAP) native XML formats for configuration compliance checks. We support the Extensible Configuration Checklist Description Format (XCCDF), Asset Reporting Format (ARF) and Assessment Summary Results (ASR) XML formats. In addition, our upcoming release will add support for the checklist file format (.CKL) used by the Defense Information System Agency’s STIGViewer tool. Though not officially part of the SCAP standards, the STIGViewer checklist files are widely used. The added support of the StigViewer files will provide another important source for configuration compliance check results.

SCAP simplified using Qmulos

The SCAP capabilities are packaged in our Qmulos SCAP App that customers of Q-Compliance can download and install. The App allows you to ingest an important data source that fuels many of the compliance automation capabilities in Q-Compliance. Additionally, the Qmulos SCAP App allows organizations to ingest the results of security scanners, vulnerability scanners, configuration management tools and other SCAP-compliant tools into Splunk for enterprise-wide analysis. The app comes with several dashboards that present an organization’s compliance posture against their SCAP-compliant security benchmarks. Furthermore, it comes with a Splunk data model defining the common set of fields relevant to most compliance use cases. This enables organizations to develop their own analytics and dashboards with SCAP data in Splunk.

Q-Compliance uses the scan results from the SCAP data in conjunction with the NIST Common Configuration Enumeration (CCE) and DISA Control Correlation Identifier (CCI) standards to correlate the results to specific NIST 800-53 controls. This drives many of the other Risk Management Framework (RMF) automation capabilities in Q-Compliance such as automated control assessments, automatic creation of Plans of Actions and Milestones (POA&M) to address failed scan results, automated scoring, and ultimately continuous monitoring and ongoing authorization.

For more information on how you can leverage your data in Splunk to help you with your compliance automation activities, please contact Qmulos at sales@qmulos.com.

Others have also read ...

Press

Qmulos Expands Cybersecurity Compliance Framework Support, Accelerates Data Onboarding, and Elevates Real-Time Detection of Threats through New Product Updates

Leading compliance automation provider announces new features to streamline integration with the DoD’s eMASS system, new content and analytics on the latest compliance standards and frameworks, and real-time alerts to detect compliance and cybersecurity issues

September 6, 2023

Knowledge Hub

General Availability of Q-Compliance V4.3.0 and Supporting Apps/Add-Ons

On top of the support for several new and updated compliance frameworks and standards, we’ve added many exciting new features that improve and streamline integration with the DoD’s eMASS system, the set-up of new systems/accreditation boundaries, data onboarding, assessment, and continuous monitoring of controls.

September 5, 2023

Compliance Therapy

Leveraging NIST’s Revamped Cybersecurity Framework: A Strategic Approach to Risk and Security Management

By: Igor Volovich, VP, Compliance Strategy In the ever-evolving cybersecurity landscape, organizations are continuously challenged to stay ahead of threats while ensuring compliance with many

August 21, 2023

Press

Qmulos Recognized in 2023 Splunk Regional Partner Awards

ARLINGTON, Va., July 18, 2023 /PRNewswire/ — Qmulos, a next-generation compliance, security and risk management automation provider, announced today it has received the 2023 Regional Partner of the Year

August 7, 2023

Compliance Therapy

The National Cybersecurity Strategy Implementation Plan

The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace.

July 14, 2023

Press

Qmulos Announces General Availability of Q-Compliance V4.2.0 and Q-Audit V3.4.0

Qmulos announced the new versions and general availability of its two flagship products, Q-Compliance V4.2.0 – an all-in-one solution for any enterprise, environment, framework, control, and datasource, and Q-Audit V3.4.0 – Qmulos’ Splunk-powered real-time audit software, an enterprise-grade tool designed to meet the most stringent audit requirements.

May 16, 2023

Rethinking the Role of Compliance

Enterprise Solutions