USACE ERDC NIST RMF Support Project Details

Work performed included the evaluation and NIST SP 800-53/RMF security control assessment-validation and compliance support for systems and enclaves ranging in size from 10 to 10,000 IT assets consisting of Windows 10, Windows 2008R2, 2012, Unix, Linux, network devices, databases, web servers, mail, active directory, firewalls, multi-function devices, or any IT capability that applies a DISA STIG or NIST 800-53 control as a security baseline. Tools utilized include Assured Compliance Assessment Solution (ACAS)/Nessus, DISA Security Compliance Checker (SCC), eMASS, and others. Assessments and tests of systems ranged from 1,700 to 3,000 compliance checks each. 

Our validators not only identified non-compliant documentation, configurations and security controls, but made recommendations to the customers on how to improve their overall security and how to be compliant with DISA security STIGs, NIST RMF, and other guidance. Additionally, Netizen provided pre-assessment cybersecurity engineering services to DoD customers to secure, certify and maintain their classified (up to and including TS/SCI) and unclassified networks and systems.

All work following the U.S. Army NETCOM procedures and our team was one of the most successful Security Control Assessment Validation (SCA-V) teams in the entire U.S. Army.