CMMC-in-a-Box™
Remediation & Managed Security Service
Delivery Packages Aligned to CMMC
Only Pay for What You Need
CMMC-in-a-Box™ addresses MSSP-related CMMC security requirements with a tailored bundle of remediation or management services. Your one stop shop to address the security requirements around CMMC.
We deliver the security services aligned with the requirements of NIST and CMMC and work with your staff or MSP to provide guidance on how to address those. We are your one-stop-shop from gap analysis, remediation, consulting, managed security, policy review/writing, vCISO to readiness assessment.
SOCaas & Incident Response (IR)
Security Operations Center as a fully managed 24/7 Services. Comes with tooling, Threat Management, AI automation, incident/alert monitoring, end point remediation, security analyst responding to alerts, Incident Response and management.
File Integrity Monitoring (FIMaaS)
File Integrity Monitoring comes as fully managed service including tooling, alert monitoring, response and monthly reporting
Security Information Even Monitoring (SIEMaaS)
Central Security Information Event Monitoring and log archiving as fully managed services. Comes with tooling, correlations, system management, 24/7 monitoring and reporting
Security/Risk Assessment
Periodic assessment (policies, procedures, tool configuration, vulnerability scans etc.) for corporate security and risk assessments. Can be also specific to NIST, ISO, CMMC, PCI DSS, HIPAA etc.
Vulnerability Scanning & Penetration Testing
Fully managed vulnerability scanning. Internal or external periodic or one time penetration testing for websites, applications, infrastructure or mobile apps.
Encryption
Fully managed FIPS compliant encryption solution with Key Management for email and hard drive.
Chief Information Security Officer (vCISO)
Virtual or fractional CISO is here to advise you on or provide services around internal audits, risk management, review technical configurations and work with your internal team and/or your MSP to address technical and non technical areas.
Compliance Tracking
Track your CMMC compliance, evidence, documentation, training and much more in a DFARS compliant environment and monitor your compliance status and audit readiness in real time.
CMMC & Security Awareness Training
Periodic Security and CMMC awareness training and testing services.
Policies & Procedures
One-off service to create CMMC compliant and other corporate policies and procedures.
CMMC Enclave
DFARs Compliant data classification, storage and collaboration with required CMMC security controls.
- CMMC 101 Brief:CMMC 101 Brief
- CMMC Model Overview:CMMC Program Model Overview
- CMMC Level 1 Scoping Guidance:CMMC Level 1 Scoping Guidance
- CMMC Level 1 Self-Assessment Guide:CMMC Level 1 Self-Assessment Guide
- CMMC Level 2 Scoping Guidance:CMMC Level 2 Scoping Guidance
- CMMC Level 2 Assessment Guide:CMMC Level 2 Assessment Guide
- CMMC Level 3 Scoping Guidance:CMMC Level 3 Scoping Guidance
- CMMC Level 3 Assessment Guide:CMMC Level 3 Assessment Guide
- DoD CUI Program Website: DoD CUI Program
- Supplier Performance Risk System (SPRS): SPRS
- CMMC Accreditation Body Website: CMMC Accreditation Body
- DODI 5200.48 – Controlled Unclassified Information: DODI 5200.48