SteelCloud, a software development company delivering STIG and CIS compliance software for government customers and those technology providers that support the government, has selected the Microsoft Azure cloud platform to implement its new DevOps Lab for large-scale STIG remediation testing.
SteelCloud‘s IA CLOUD facilitates both internal product and external customer testing and validation. IA CLOUD replicates typical customer environments including operating systems, applications, routers/switches, subnets, firewalls, and domain controllers.
“We developed IA CLOUD to provide an easily accessible environment for agile STIG testing and validation,” said Brian Hajost, President and CEO of SteelCloud. “We recognize that having our customers replicate large on-premise test environments, incorporating all of the operating systems necessary, can be cost prohibitive and time-consuming. Our new Azure DevOps environment allows us to quickly set up a large-scale, heterogeneous, sandbox environment for customers to collect real-world results from piloting automated STIG remediation and compliance.”
SteelCloud’s ConfigOS software – a solution scanning endpoint systems and remediating hundreds of STIG controls “in under 90 seconds” – will be integrated across IA CLOUD to support a wide range of STIG remediation and compliance use cases. A partial list of components implemented in IA CLOUD includes Windows 7/8/10, Windows Server 2008/2012/2016, Domain Controller 2012/2016, SQL Server, IIS, Microsoft Office, IE, Chrome, Red Hat 6/7, SUSE, Ubuntu, Oracle Linux, and Apache.
Additional 3rd party tools will include STIG Viewer, Security Compliance Checker, Vulnerator, and Nessus. Approximately 6,000 STIG controls will be automated in the IA CLOUD environment. SteelCloud products would be easy to license through the company’s GSA Schedule 70 contract.