Automate the assessment of firewalls, switches and routers for STIG compliance

STIGs, otherwise known as Security Technical Implementation Guides, are published by the Defense Information Systems Agency (DISA) and must be adhered to by any organization that is connecting to the US Department of Defense’s (DoD) networks.

DISA is responsible for maintaining security standards for DoD computer systems and networks. STIGs are usually published quarterly, and their purpose is to ensure all connecting organizations remain fully up-to-date and compliant. However, they can be updated at any time if a major threat or new bug has been discovered and it is the responsibility of the connecting organization to ensure compliance.

The DoD’s security needs are far higher than manufacturers, who are typically focussed on ease of use. This means connecting organizations need to have a robust approach to checking and updating their networks’ security. A system which is deemed secure one month may be vulnerable by the next.

This is where automated configuration auditing tools, such as Titania Nipper, can be extremely useful. Not only do users save time and money through automating audits and ensuring compliance with STIGs is up to date, they also receive all of the reporting necessary in an audit trail to prove compliance.

Titania's software provides:

Critical risk remediation prioritization:

  • Misconfigurations detected and assessed for
    • impact to the network if exploited,
    • ease of exploitation, and
    • ease and time to fix
  • Device specific remediation advice and command-line fixes
  • Daily configuration drift monitoring

Security and compliance assurance:

  • Assure compliance for FISMA, HIPAA, NIST, DISA RMF, CDM, CMMC and PCI DSS
  • Reduce audit times by up to 80% with evidence of compliance
  • Assessor-ready reports of compliance with:
    • 94% of NIST 800-53 network controls
    • 89% of CMMC network practices to evidence SCRM
    • 94% of PCI DSS network device procedures
    • STIGs

Continuous misconfiguration detection and response

  • Continuous visibility of misconfigurations and vulnerabilities
  • Strategic, real-time prioritization of risk and remediation
  • Dashboards and reports of security and compliance posture
  • Roadmap to playbook-controlled auto-remediation


Need accurate on-demand security and compliance audits and assurance?

DOWNLOAD A TRIAL OF NIPPER >

Ready for continuous misconfiguration detection and response?

REQUEST A DEMO OF NIPPER ENTERPRISE >

Related Resources

Check out our latest resources
Establish Defendable Network & Automate RMF Compliance
Read more
Establish Defendable Network & Automate RMF Compliance

Combining continuous misconfiguration detection and auto-mitigation with risk-focused compliance analysis

Read more
Nipper Enterprise Product Overview
Read more
Nipper Enterprise Product Overview

Foundational network configuration security for Zero Trust and PCI DSS 4.0 assurance at scale

Read more
Titania Nipper Datasheet - Military & Federal
Read more
Titania Nipper Datasheet - Military & Federal

Analysing the configurations and interactions of your network infrastructure with the expertise of a skilled penetration tester - Nipper’s unrivalled accuracy typically saves auditors more than 3 hours per audit, per device

Read more
Titania Nipper NIST 800-171 Datasheet
Read more
Titania Nipper NIST 800-171 Datasheet

Nipper’s NIST 800-171 Module automates the accurate assessment of 21 (60%) NIST 800-171 requirements for core network devices across 6 control families.

Read more