Understanding your network’s architecture and knowing what applications and devices are are permitted on your network is critical to the success of any vulnerability management program. However, implementing an effective vulnerability management program can be a monumental task depending on the size, scope, and architectural complexity. That is where SecureStrux’s seasoned Vulnerability Scanning Team comes in. We have experience scanning and gaining access to a myriad of clients on various network sizes both internally and externally to provide full visibility to not only meet CCRI compliancy requirements, but just as important, ensure your critical assets remain secure.
Assured Compliance Assessment Solution (ACAS)
ACAS solution is required for all networks that connect to the Department of Defense Information Network (DoDIN) (i.e. NIPRNet or SIPRNet) and is mandated for DoD use by various US Cyber Command orders, including USCYBERCOM TASKORD 17-0019, Scanning and Remediation. The intent is to improve the capability of DoD to quickly and accurately assess the security posture of DoD enterprise networks.
Implementing the ACAS Suite
The ACAS solution automates network discovery and uses the products to deliver comprehensive network and application vulnerability scanning and configuration assessment. The main suite of tools required by the DoD are Tenable’s SecurityCenter and Nessus scanner(s).
Nessus Scanners actively scan a network and gather the resultant data. SecurityCenter is the brains of the ACAS console that combines vulnerability data from the Nessus scanners to evaluate the overall risk level of a network. In addition to combining Nessus scanner results, fully utilizing SecurityCenter’s dashboard and report suite can provide compliance support to various levels of leadership.
Get Your ACAS Assistance
Understanding and supporting ACAS is essential not only for meeting a variety of DoD and USCYBERCOM configuration requirements but also helps standardize the various vulnerability management programs that exist within the DoD.
SecureStrux has worked with a wide-range of clients all over the world, in a short period of time, to get them compliant and inspection-ready. Our ACAS and Tenable certified experts have a proven record in helping DoD contractors and agencies not only properly implement ACAS to meet DoD requirements but also in helping our clients maintain operational readiness to achieve Fully Compliant CCRI scores for vulnerability scanning. Secure your assets and achieve the readiness you need by partnering with us today.
CCRI and SAV inspections don’t have to be a stressful time. In working with the right partner, you’ll be able to demonstrate proper network protection and governance to maintain contracts and grow your operations.
“ JSP CCRI Team, You all have been a beacon of security awareness throughout your time supporting all the various Pentagon Headquarter organizations. Our security posture has significantly improved due to all your efforts. You have raised awareness, provided technical assistance, and been a driving force for improved security throughout JSP and all supported organizations. ”
“ I would like to thank the network review team [member], Mr. Gaines...for the excellent review work they completed for the 2RCC CCRI, 07-19 AUG 16. Between the three of them, they were able to review nearly 16 sites worth of network devices, including internal, and external devices. Thank you for your hard work and dedication in successfully completing all review requests. ”
DRSI Team Lead
“ We got an Excellent on our CCRI and a Superior on our DSS SVA! Thanks to Michelle and the other SecureStrux team members. We wouldn't have been successful without them. ”