STIG Automation

Cyber Compliance Evaluation Service

Regardless of the industry sector, organizations face the common challenge of adhering to regulatory and policy cyber compliance. While the Department of Defense (DoD) and federal government has adopted NIST’s Special Publication 800-53 as its regulatory framework for IT security controls, the commercial sector is required to abide by a variety of regulations such as the Payment Card Industry Digital Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), and Control Objectives for Information and Related Technology (COBIT).

Cyber personnel continuously evaluate and monitor their information systems against the required set of security controls as directed by these regulations.  Manual evaluation becomes tedious and leaves room for human error and inconsistencies.  

SecureStrux has developed a unique solution to compliance automation that provides increased visibility, precision, and speed of execution to evaluating Windows Operating Systems and applications, such as Exchange, SQL, and IIS using DISA Security Technical Information Guides (STIGs).  Our patent-pending solution is native to the Microsoft Windows Operating System and requires no servers, databases, additional operating system configuration settings, or software to install, making it easy and cost effective to introduce into the customer environment.