SCAP Compliance simplified using Qmulos and Splunk

As part of our Q-Compliance solution, Qmulos has the industry’s only custom input for Splunk that will parse and ingest the National Institute of Standards and Technology’s (NIST) Security Content Automation Protocol’s (SCAP) native XML formats for configuration compliance checks.  We support the Extensible Configuration Checklist Description Format (XCCDF), Asset Reporting Format (ARF) and Assessment Summary Results (ASR) XML formats.  In addition, our upcoming release will add support for the checklist file format (.CKL) used by the Defense Information System Agency’s STIGViewer tool.  Though not officially part of the SCAP standards, the STIGViewer checklist files are widely used. The added support of the StigViewer files will provide another important source for configuration compliance check results.

SCAP simplified using Qmulos

The SCAP capabilities are packaged in our Qmulos SCAP App that customers of Q-Compliance can download and install. The App allows you to ingest an important data source that fuels many of the compliance automation capabilities in Q-Compliance.  Additionally, the Qmulos SCAP App allows organizations to ingest the results of security scanners, vulnerability scanners, configuration management tools and other SCAP-compliant tools into Splunk for enterprise-wide analysis.  The app comes with several dashboards that present an organization’s compliance posture against their SCAP-compliant security benchmarks.  Furthermore, it comes with a Splunk data model defining the common set of fields relevant to most compliance use cases. This enables organizations to develop their own analytics and dashboards with SCAP data in Splunk.

Q-Compliance uses the scan results from the SCAP data in conjunction with the NIST Common Configuration Enumeration (CCE) and DISA Control Correlation Identifier (CCI) standards to correlate the results to specific NIST 800-53 controls.  This drives many of the other Risk Management Framework (RMF) automation capabilities in Q-Compliance such as automated control assessments, automatic creation of Plans of Actions and Milestones (POA&M) to address failed scan results, automated scoring, and ultimately continuous monitoring and ongoing authorization.

SCAP Dashboard using Qmulos

For more information on how you can leverage your data in Splunk to help you with your compliance automation activities, please contact Qmulos at sales@qmulos.com.

You are now leaving Qmulos

Qmulos provides links to web sites of other organizations in order to provide visitors with certain information. A link does not constitute an endorsement of content, viewpoint, policies, products or services of that web site. Once you link to another web site not maintained by Qmulos, you are subject to the terms and conditions of that web site, including but not limited to its privacy policy.

You will be redirected to
in 7 seconds...

Click the link above to continue or CANCEL