Skip to content

Ready, recoverable, resilient networks

DHS Continuous Diagnostics and Mitigation (CDM)

Support CDM Program compliance with misconfiguration detection and critical risk remediation prioritization

Streamline Network Security Assessment to Support CDM Compliance

Federal agencies are high-profile targets that must secure their networks against national state attacks, having continuous visibility of network risks is crucial to understand exposure and in planning remediation action.

Our solutions are a trusted component in the vulnerability management toolsets of federal agencies for verifying that switch, router and firewall configurations remain secure and compliant.

ICON_Configuration Drift- Monitoring

Assess for configuration drift

Gain immediate awareness of any device configuration changes, providing assurance that planned network changes have not created new vulnerabilities as well as alerting to unplanned changes. 

ICON_Proactive- Audits

Validate compliance with evidence

Appropriate NIST SP 800-53 controls are used to help establish the ‘actual versus desired state’ according to CDM. Using DISA STIG CCIs, Nipper solutions automate the accurate assessment of up to 49 NIST SP 800-53 base controls and control enhancements across 8 control families.

ICON_Software Vulnerability- Management

Prioritize risk for remediation

Prioritize vulnerabilities according to network criticality and provides remediation guidance, improving both MTTD and MTTR.

Titania research report cover titled, 'The impact of exploitable misconfigurations on network security.'

Research Report

This study reveals that an average of 51 network device misconfigurations were discovered in a two-year period with 4% deemed to be critical vulnerabilities that could take down the network within the U.S. Federal Government.

people-at-computer

Automate CDM Compliance Reporting

Evidence compliance with NIST SP 800-53 controls related to network devices, assess performance against the CDM Asset Management Capability, and the Configuration Settings Management (CSM) and Vulnerability Management (VUL) capabilities.

See NIST SP 800-53 Mapping Document

Prioritize Remediation of Exploitable Risks

Automate prioritization of misconfiguration findings with mitigating advice to inform remediation workflows, allowing you to fix non-compliances, in a risk-prioritized order.

Learn more
Male IT technician holding laptop next to female IT technician who is pointing at server in data center.
woman-at-computer-1

Mitigate Risks with Remediation Advice

Device-specific guidance on how to fix misconfigurations – including command line scripts in some cases – is provided to decrease the mean time to remediate security and compliance risks and inform POAMs (Plan of Action and Milestones).

Learn more

Minimize the Attack Surface

Attack Surface Management (ASM) assurance using NIST/MITRE-approved mapping of NIST 800-53 controls onto 10 of the 11 MITRE ATT&CK® Tactics for Network Infrastructure.

Learn more
Exclamation mark symbolising network security alert.
Female cyber security professional looking at network segmentation in work flow on computer.

Assure Zero Trust Policy

Assure Zero Trust policy with evidence that networks are segmented with deny all/permit by exception rules and devices are managed and compliant to IT security policies.

Learn more

Assure Network Compliance

Nipper Resilience delivers fast, accurate visibility of network configuration posture at scale to ensure ongoing compliance in accordance CDM program requirements.

Explore Related Resources

Nipper Resilience solution guide: Proactive Network Security
Datasheet

Nipper Resilience solution guide: Proactive Network Security

Developing operational readiness and resilience in a rapidly changing threat environment - Your guide to proactive network security with Nipper Resilience.

Nipper Solutions: NIST SP 800-53 Mapping Document
Mapping Documents

Nipper Solutions: NIST SP 800-53 Mapping Document

Accurately automate the assessment of NIST 800-53 network controls with Nipper solutions to achieve NIST SP 800-53 compliance.

 State sponsored attacks exploit publicly known vulnerabilities
Guide

State sponsored attacks exploit publicly known vulnerabilities

Use Case: Identifying network compromise and prioritizing remediation. State sponsored attacks exploit publicly known vulnerabilities. Early detection of such attacks is vital.

man-on-online-call

Looking for accurate
network infrastructure
risk posture analysis to:


  • Evidence compliance with CDM requirements and other RMFs?

  • Minimize your attack surface?

  • Validate the security of every router, switch and firewall, everyday?

Get in touch