Categories
Problems that solves
Shortage of inhouse software developers
Shortage of inhouse IT resources
Shortage of inhouse IT engineers
High costs of IT personnel
Values
Enhance Staff Productivity
Reduce Costs
About Product
Description
Cybersecurity and IT environments are more complex than ever and data volumes are growing exponentially. Attack surfaces are larger and attack vectors are more sophisticated. Security countermeasure models are constantly evolving as is the regulatory and compliance landscape. With qualified cybersecurity resources being scarce it is clear that all these factors drive the need for automation. The FEDTRAQ suite delivers best in class process automation and the highest quality results for your existing cybersecurity program.
Introducing The FEDTRAQ Suite
When used as part of an established Security Authorization process, FEDTRAQ becomes your system of record for inventory management of General Support Systems & Major Applications.
ISMTRAQ
ISM Support Services
SCATRAQ
Security Authorization Automation
PENTRAQ
Penetration Testing & Vulnerability Management
CCATRAQ
Continuous Control Assessment Workflow Automation
ISMTRAQ
ISMTRAQ is a management system that specifically focuses on providing the ISM with the necessary tools through an executive dashboard & reporting engine.
- Reduced Time to Report. ISSOs and ISMs can see which stage in the lifecycle their systems are, validate the existence of accreditation documents and generate performance reports detailing all aspects of compliance, risk management and threat intelligence
- Consistent Methodology. Gain a consistent methodology through Agency Common Control Management
- Generates the POA&M. ISMs can initiate an SSP, SCA or POA&M activity and automatically notify the appropriate security program lead. Any accreditation artifacts created as part of system authorization and process management can be generated on demand
- Improved Accuracy & Consistency. SIEM & GRC Tool Integration and security program performance across all activities.
- Better Findings Documentation. Real time and temporal compliance reporting down to the system and control level, emerging threat trends, performance telematics, & more
- Client-Specific Documentation. Focus on creating SCA, A&A and ST&E (Security Test and Evaluation) assessments
- Effective Management Workflow. Standardized testing, evaluation and reporting methods alongside visualized progress and real-time report generation
- Control Management. Control Inheritance and management at all levels, as well as agency/system common control management
- Continuous Control Assessment. Permits transition to Continuous Control Assessment (CCA) within the ecosystem
- All Necessary Resources. Generate all security artifacts, assign and monitor assessment resources. Acceptance of Risk (AOR) cross-referencing
- Security Auditing. Attack tree wizard ensures that assessments are performed in accordance with mandated standards
- Automate Testing Processes. Automate manual, time-consuming penetration testing artifact collection & reporting processes
- SIEM Integration. Ability to import Vulnerability, Port Scanner, & Application Vulnerability Scannar output files for use in security activities
- Automatic Creation of "Approaches/Methods" Table. Spend more time minimizing breach threats versus reporting
- Reduction of False Positives. Rather than dealing with unjustified alerts, users have more time to examine urgent ones
- CCA Style Assessments. Rapid transition to CCA Style Assessment
- Control Package Management. Automates the CCA process for control package management
- Custom Interval Scheduler. Generates Schedule for Continuous Controls monitoring
- Control Test Reporting. Real time visibility into control test reporting, tested to date, remaining controls to test, & not tested