Posts

Qmulos Named to Inc. 5000 List of America’s Fastest-Growing Private Companies

Qmulos is proud to announce its debut on Inc. Magazine’s 37th annual Inc. 5000 list, the most prestigious ranking of the nation’s fastest-growing private companies. Starting in 1982, this prominent list has become the hallmark of entrepreneurial success.

The list represents a unique look at the most successful companies within the American economy’s most dynamic segment—its independent small businesses. Microsoft, Dell, Domino’s Pizza, Pandora, Timberland, LinkedIn, Yelp, Zillow, and many other well-known names gained their first national exposure as honorees on the Inc. 5000.

This year, the list displays particular growth from past Inc. 5000 lists including a three-year average growth of 538%, “If your company is on the Inc. 5000, it’s unparalleled recognition of your years of hard work and sacrifice,” says Inc. editor in chief James Ledbetter. “The lines of business may come and go, or come and stay. What doesn’t change is the way entrepreneurs create and accelerate the forces that shape our lives.”

Qmulos, a leader in compliance and audit solutions powered by Splunk, has experienced exceptional customer, revenue, and channel growth this year. The company has expanded market penetration in regulated and critical infrastructure sectors to include finance, insurance, healthcare, law enforcement, energy, telecommunications, and technology, while continuing to grow their presence in the federal government defense, intelligence, and civilian markets. Qmulos is poised to become the de-facto standard when an organization needs to dramatically simplify their ability to audit, evaluate, and comply with industry and regulatory IT mandates with real time risk management of technical controls.

“It is an honor to be included on the Inc. 5000 list alongside so many innovative and successful companies,” said Matt Coose, CEO of Qmulos. “I’d like to thank our dedicated team of super-humans and our close partner, Splunk. We have built and are delivering a new paradigm of compliance on big-data, the future is limitless as we continue to help others realize the value of doing compliance and risk management in a way that improves security.”

Happy Fifth Anniversary!

 

5th_photo1
5th_photo2
5th_photo3
5th_photo4

I can’t believe it, but Qmulos is celebrating our Five-Year Anniversary!  I couldn’t be more excited about our clients, our team, and our future.  I don’t usually like to talk about ourselves, I prefer to let our customers to do the talking for us, but I’d like to make an exception, just this once.

We started with an idea and a passion to change how cyber compliance gets done and what it could mean to overall security if it was done right.  We used to share the belief, one that many security practitioners still hold, that compliance is a complete waste of time and money and doesn’t actually improve security.  People even started calling it “risk management” to get away from the negative connotations of “compliance” but this didn’t actually change anything.  CISOs I have worked with in virtually every industry have essentially been forced, due to fear of audit findings, to spend untold millions on armies of people to generate paperwork, issue data calls, fill-in static spreadsheets, and upload “evidence” into extremely expensive legacy GRC tools, where they spend many more millions to show auditors how “secure” they are and how well they are managing risk.  Sadly, this had been going on for 30 years and we felt it was finally time for a change.

What we realized when we started the company was that implementing a set of thoughtful security controls, the underpinnings of cybersecurity compliance, and monitoring them in near-real time, is extremely valuable to improving real security.  The only bad thing was the way this was being done.  Out of necessity, since it was the best technology available, compliance was implemented using relational databases.  The Gartner Quadrant for IT-GRC is littered with legacy vendors promoting this type of approach.  The problem is that this architecture does not provide the vital flexibility and adaptability necessary to do compliance in a valuable way.  Compliance, or, real-time risk management, requires a method to keep up with a large volume of constantly changing disparate data from various tools, operating systems, and devices across your IT infrastructure to inform security personnel and system owners about the real-time status of their security controls and systems.

We solved this problem by building the first, as far as we know, integrated risk management (IRM) solution on top of the world’s leading big data platform, Splunk!  As a result, we’ve come full circle to understand that compliance (e.g. monitoring a comprehensive set of security controls), when done on big data, is VITAL to real security.  To understand the value, just look at the security controls within the NIST RMF Catalog (NIST SP 800-53).  These controls have been defined over many years, are updated frequently, and cover virtually every threat.  What does that mean?  Well, if you can implement and monitor this holistic set of security controls in near real-time, you will likely have the best security program on the planet- the exact opposite of a complete waste of time and money!

Qmulos has realized the dream of Information Assurance professionals at all levels across the Globe.  We have disrupted the legacy compliance market and are enabling CISOs around the country to realize that doing “compliance” on top of big data is the best way to dramatically improve operational security.  We are enabling CISOs to finally bring together their operational security budgets and resources with their compliance budgets and resources and align them toward one common goal – better security.  At Qmulos, we holistically define what you need to monitor (breadth of security controls), enable you to do so accurately (automation), in a timely manner (near-real time), and on a flexible platform (Splunk) that adapts to constantly changing environments in hours instead of months.

I am very proud of how far we’ve come, very appreciative of all of our forward-thinking customers and partners who immediately saw the value of our “new paradigm” of compliance on big-data, and very grateful for our dedicated team of super-humans, thanks Qmulites!  The future is limitless as we continue to help others realize the value of doing compliance and risk management in a way that improves security!

Qmulos Announces Participation at Splunk .conf2017 and Fall 2017 Release of Q-Compliance

Arlington VA – September 25, 2017 – Qmulos, a Splunk Technology Alliance Partner, today announced the Fall 2017 release of Qmulos Enterprise Compliance (Q-Compliance) to help customers streamline and automate IT compliance activities in alignment with the NIST Risk Management Framework (RMF).

Designed to automate, integrate, and provide continuous monitoring of all categories of security controls, the solution includes support for all four types of IT compliance evidence (Policies & Procedures, Human Activity, Technical, and Ad-Hoc Queries), built on the Splunk® platform.

Q-Compliance leverages the Splunk platform to transform compliance activities into actionable security value, connecting previously siloed compliance and security functions towards a common goal.  Qmulos Enterprise Compliance helps users of Splunk Enterprise uncover the value of compliance automation. Qmulos’s compliance experts will be at Splunk .conf2017 in Booth G6 to demo the solution, and an online preview is available here.

Highlights of the solution include:

  • Unlimited Multi-Tiered Organization Hierarchies
  • Support for System and Enterprise Level Risk Management Assessments derived from SCAP (Security Content Automation Protocol) validated tools
  • Out-of-the-box and custom overlay development templates
  • Integrated POAM management support
  • Role-based dashboards for executives, ISSOs, and compliance staff
  • “Measure once, Report Many” for leading Frameworks – support for reporting against frameworks and mandates to include NIST SP 800-53r4 Control Instrumentation, NIST RMF and CSF automation, HIPAA, DFAR CUI (NIST SP 800-171) Requirements, SANS/CAG 20 Critical Controls, FedRAMP, CJIS, and others.

“IT Audit and Compliance automation is an investment that pays for itself, not only in savings, but in improving a customer’s actual security posture,” said Matt Coose, CEO and founder of Qmulos.  “Leveraging the Splunk platform enables IT data to be repurposed for compliance and audit use cases, cybersecurity investigations, and even preparing board-level presentations, enabling enterprises to more easily gain value from their data.”

“As organizations continue to undergo digital transformations, it’s important to leverage the data needed for security and compliance to deliver business insights, automation controls and value to the boardroom,” said Haiyan Song, senior vice president and general manager of Security Markets, Splunk. “Qmulos is a great example of a Splunk partner providing unique compliance expertise to enable that capability for our mutual customers.”

“By 2020, 100 percent of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is up from today’s 40 percent,” noted Gartner in the March 2016 report How to Build an Effective Cybersecurity and Technology Risk Presentation for Your Board of Directors by Paul Proctor, Jeffrey Wheatman, and Rob McMillan.