Information Assurance

In recent years the nature of cyber security, information assurance and the challenges to security analysis professionals have changed significantly. To address these changes, Solidyn Solutions has invested in IT monitoring and compliance technology by creating its INSPECTTM product. Greater threats, virtualization, distributed and cloud based systems have increased the work of the security professional by several orders of magnitude. The migration to continuous monitoring from the 3-year accreditation cycle requires security professionals to understand the current configurations of their system at any moment. Performing security scans, understanding the associated output, and being able to quickly report on the output are “must-have” capabilities for today’s security professional.
Security scans performed on today’s IT systems using common scan tools such as OVAL,CIS, Nessus can generate tens of thousands of results per day. With continuous monitoring, manually reviewing the output can take days or even weeks.  Solidyn has developed INSPECTTM, which simplifies the tedious tasks of security compliance analysis, reporting and review. It reduces the time necessary for security professionals, certification organizations, management, and customers to quickly understand the status of the enterprise from a security viewpoint.  INSPECTTM automatically ingests security scans from today’s common scanning tools and provides users with easy to understand visual displays that reflect the current security status of the system.  INSPECTTM has been shown to reduce the time to analyze a system’s security configuration by over 85%.  Some of the key features of INSPECTTM include:

  • Automatic ingest of security scans (can be done as often as required)
  • Stoplight status for quick review of scan results
  • Enterprise, system, and host-level summaries
  • Mitigation, Review and Closure can all be managed from within a single tool
  • Red, Yellow, Green dashboard coloring of each level of the enterprise
  • Ability to view detailed scan results and customized reporting
  • Integration with program security requirements exported from ReqPro or DOORS and/or requirements defined in government compliance documents (e.g. DoDI 8500.2, NIST SP 800-53)