New features will help government and commercial companies more easily achieve and maintain compliance with common industry benchmarks
RapidFort, a leading innovator in cybersecurity pioneering Software Attack Surface Management (SASM), has added a new compliance capability to its platform to help both government and commercial organizations benchmark their container images against the Security Technical Information Guide (STIG) framework. In thirty seconds or less RapidFort scans for and identifies configuration errors and vulnerabilities in code, generating an executable script and automatically remediating identified risks.
Compliance plays a critical role in regulated industries like fintech, healthcare, and critical infrastructure, and RapidFort customers now have access to tools that will help them identify, achieve, and maintain compliance with their necessary industry standards. Government organizations that work with the Department of Defense (DoD) must comply with STIG configuration standards for device hardware and software that help safeguard the DoD’s IT network and systems.
“Compliance benchmarking is essential for businesses within regulated industries as well as companies using containers with intellectual property or customer data,” said Mehran Farimani, CEO of RapidFort. “With regulatory requirements only growing, we recognize the challenge this can present to security and development teams, so we wanted to give our customers an easier way to achieve their compliance requirements. Our simple and easy-to-use tool can now quickly benchmark their containers, and automatically address any vulnerabilities within the code, reducing manual code changes and compliance headaches.”
The compliance features are built into RapidFort’s innovative SASM platform, designed to identify and remove unused components without altering the software’s behavior, resulting in smaller, more performant and secure software. RapidFort’s flagship runtime toolset, RapidFort Runtime, scans, profiles, monitors, and secures containers in production environments, pinpointing vulnerabilities within applications’ execution paths. This comprehensive approach enables teams to protect their infrastructure and maintain compliance by automatically removing unused components and undetected vulnerabilities, reducing software attack surfaces by more than 80%.
Large portions of the STIG Toolset were developed through contracts with SpaceWERX. SpaceWERX is the innovation arm of the United States Space Force and blends the best of commercial innovation with the needs of United States Space Guardians. The enterprise version is available on RapidFort’s website, while the Department of Defense version is available for download at USAF PlatformOne Ironbank.
For more information about RapidFort’s new compliance tool, visit https://www.rapidfort.com/.
The views expressed are those of the author and do not necessarily reflect the official policy or position of the Department of the Air Force, the Department of Defense, or the U.S. government.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!
