The Federal Information Security Management Act (FISMA), Title III of the E-Government Act of 2002, outlines requirements to secure federal information.
Each federal agency, including contractors or other organizations who work with the agency, must develop, document, and implement an agency-wide information security program. The National Institute for Standards and Technology (NIST) provides detailed guidance and recommendations for FISMA compliance. NIST guidelines encompass all aspects of information security. FISMA sections 3544 and 3505 require the following:
Axxera provides the most effective way to establish, enforce, monitor, and manage the security policies you need to ensure compliance and protect your agency's federal information assets.
Axxera CI provides the following capabilities critical to comprehensive security and FISMA compliance:
|NIST 800-53 Requirement||The Axxera CI Solution|
|CA-7 Continuous Monitoring||Axxera CI delivers continuous monitoring for security events, anomalous behavior, configuration changes and policy violations, and vulnerability exposure. Axxera CI SIEM integrates with over 250 3rd party Security tools.|
CI SIEM Product
|IR-5 Incident Monitoring||Security events are marked Impact Flags based on the asset profile and vulnerability information to speed analysis and allow analysts to focus on critical events.|
Management Console for SOC
|RA-3 Risk Assessment||Axxera CI Portal creates a real-time profile of the OS, applications, databases. Configuration changes result in a continuously updated risk assessment vs. known vulnerabilities.|
|RA-5 Vulnerability Scanning SI-3 Intrusion Detection Tools and Techniques||Axxera CI creates a real-time profile of the OS, applications, services, databases of known vulnerabilities.|
|SI-3 Intrusion Detection Tools and Techniques||Axxera CI SIEM exceeds the recommended protection with its own proprietary tools for IDS/IPS documented in NIST 800-53.|
|CM-1 Configuration Management Policy and Procedures||Axxera CI SIEM integrates with 3rd party tools with over 250 sensors built to integrate and generate automated ticketing via its ticketing system and displaying on CI Portal. The system automates monitoring and enforcement of configuration policy.|
|CI SIEM Product
|CM-4 Monitoring Configuration Changes||The 3D System enables users to implement baseline configuration policies for all Security products it integrates. The system automates monitoring and enforcement of configuration policy via its Ticketing system & Portal.|