learn your security programs
cmplid://’s native analysis engine provides for detailed granular guidance to be documented for all pertinent aspects of managed security programs. Analysis that may be documented includes:
The intent of the security standards
The objective of and consequence of failure of the security standards
The relationships between the security standards
The controls required to implement the security standards
The rationale, e.g. risks, vulnerabilities, threat vectors, etc… that mandate protection
Configuration data that must be documented to maintain the security program
The relationship between the security standards and formal frameworks, e.g. the NIST framework for Improving Critical Infrastructure Protection
All of this information is tied to specific attributes of the resources within scope to consistently manage the security program. Visibility of the resource attributes is key to effective and efficient security management.
understand within context
The information learned about the security programs is necessary to identify many aspects of the security programs that otherwise would be lost in the official documentation. Knowing this information leads to better decisions about security management.
improve security operations
The insight gained from cmplid://’s native analysis engine is invaluable.
Contact cmplid:// inc. to learn more, partner with us, buy a license, or schedule a demo.