Leveraging VNSOC360° Managed Security Services for Federal Compliance
If you have been in IT or Security Operations long enough, you’ve come across that environment or product that you have to deal with on a day-to-day basis that has you pulling your hair out…
Our team at InfusionPoints is tasked with developing and managing a large FedRAMP-accredited cloud environment including the operations, maintenance and continuous monitoring of all security controls. The products selected for the technical control requirements had originally included our client’s integrated stack of hardware and software. This included a blend of organically developed software and acquired solutions. While many of these products performed adequately, there were several that just weren’t providing the level of control needed, and some required a significant amount of time and skill to customize and operate.
The net result was an environment that had become quite a challenge just to keep operating, especially in an environment that required the relatively high security requirements of FedRAMP. During these operational struggles, we knew that the implementation of NIST SP 800-53 Rev4 controls was required for our next annual assessment, and we knew the existing controls would not be up to the task. Once our team had gained the provisional Authority to Operate (pATO) for the system it became obvious that something had to be done to streamline the security controls in the cloud and improve our ability to conduct security operations in an efficient manner while meeting the 800-53 Rev4 control requirements.
Fortunately, InfusionPoints had been developing our VNSOC360° Managed Security Service Provider offering and it had launched just in time for this need. InfusionPoints leveraged our Managed Security Services team to deploy the same toolset and operations procedures into the FedRAMP environment so that it could also become part of the accreditation boundary. At the time of this writing, we are finishing up the annual assessment process to have the tool-set and procedures accredited. After implementation, our operations team, our client and their customers have enjoyed some immediate benefits from using our VNSOC360° service including:
- Collapsing the output of 6 different toolsets into a single pane of glass.
- Efficient log collection from all endpoints including syslog, Windows, and Linux hosts.
- Correlation of Network IDS, Host IDS, syslog, and other events across the environment against industry leading threat intelligence.
- Cross-platform Host Intrusion Detection System (HIDs) deployed to Windows and Linux Hosts with support for others including BSD, Solaris and OS X.
- Reduced licensing costs by consolidating tool-sets.
- A world-class security operations team based in the US, and utilizing US Citizens only.
- Ability to meet controls in NIST SP 800-53 Rev4 like application whitelisting and file integrity monitoring.
As a key component of our Build, Test, Defend methodology, InfusionPoints developed our VNSOC360° Managed Security Service to allow organizations of all sizes to realize true improvements to their security posture. Whether its DFARs, NIST 800-171, FedRAMP, ITAR, or you are just interested in improving your ability to defend your organization, we can help!