SteelCloud LLC, a STIG and CIS automation and remediation software developer, announced that it has initiated the Common Criteria Evaluation Assurance Level (EAL) 2+ process for its ConfigOS cyber automation software product. Common Criteria is an international framework which defines a common approach for evaluating security features and capabilities of Information Technology security products.
“We are excited to have entered the Common Criteria certification process to validate ConfigOS,” said Brian Hajost, SteelCloud President and CEO. “Common Criteria certification will support the further acceptance of ConfigOS within our federal defense, civilian, and intelligence customers. We are dedicated to design, develop, and deliver the most comprehensive and secure STIG and CIS automation solutions available.”
ConfigOS is currently implemented in enterprise environments, classified and tactical programs, agile labs, and commercial cloud environments. ConfigOS is client-less technology, requiring no software agents. ConfigOS scans endpoint systems for hundreds of policy controls in under 60 seconds and then remediates the endpoints in under 90 seconds. Automated remediation rollback, comprehensive compliance reporting, and STIG Viewer Checklist integration are also provided. ConfigOS was designed to harden every STIG/CIS control around an application baseline in 60 minutes – typically eliminating weeks or months from the RMF/ATO accreditation timeline. ConfigOS automates the incorporation of documented policy waivers to ensure flawless automated STIG/CIS remediation and compliance reporting. ConfigOS addresses Microsoft Windows 7/8/10 and Windows Server ’08/’12/’16/’19 along with Red Hat Enterprise Linux 5/6/7, Ubuntu, and CENTOS Linux.