Did you know you can use the checklist template engine in OpenRMF Professional to have checklists already pre-filled with your manual checks and known good automated check results? And you can use the Bulk Edit feature for your checklist vulnerabilities to have consistent standard answers across your checklist vulnerability entries…

Tracking your cyber compliance is NOT just for US Federal government or DoD in particular. Proper cyber hygiene and applying the right cyber frameworks is important regardless of you being a government agency, large business, or even a smaller business. With our latest version 2.8, you can use OpenRMF Professional…

IT organizations throughout the U.S. Federal Government are constantly working to defend against cyber attacks, nation state actors, criminals, and have to do that while modernizing their network infrastructure and applications. The process to become certified to provide these requires an Authority to Operate (ATO). In today’s environment, doing this…

Integrate a cyber compliance engine to your software factory to track RMF, FedRAMP, or other compliance frameworks from Day 1. Use scoring APIs for gated pipeline software delivery and deployment. Update and produce checklists and documentation easily and automatically. Keep track of issues with a live automated POAM. Sound impossible…

The latest version 2.8 automates SAR, SSP, and RAR documentation. Allows creating CIS based checklist from CIS benchmark scans automatically. Tracks other vulnerabilities from software, container, and other scans along with checklist and host patch OS vulnerabilities. And it integrates with program management software (Jira, GitLab, GitHub, ServiceNow) for tracking…

With version 2.8, you can now use CIS based benchmarks to scan your applications, software, and devices for tracking compliance and vulnerabilities. Automatically make a CIS checklist template from your .audit file. Scan your devices. Upload the results. Track over time using OpenRMF Professional’s automation engine. CIS Benchmarks If you are coming…

Do you want to set NLog levels dynamically for running your application with different logging levels? We did. And we had to read a bunch of various posts and examples to figure it out correctly. TLDR; In the end, we added a variable in the nlog.config and read that in…

To track RMF and FedRAMP system packages as you move them to your cloud, you first can use the new OpenRMF Professional v2.7 with Custom Checklists to create your base level infrastructure system package for your platform or cloud infrastructure. Then, use the new Inheritance feature (common controls) when generating…

It’s the same great RMF and FedRAMP cyber compliance and collaboration application. Now it includes Tracking Inheritance and Common Controls. More powerful bulk editing and locking. Massively expanded API. Tracking Cyber Compliance History. Bulk tagging. More charts and reports. And smoother setup and installation/upgrade. Major highlights are below! More Streamlined System Compliance Listing One big…