Continuus: A Continuous Monitoring Solution
From the founder to the latest hire, technology is in our company DNA.
Introducing Continuus
In collaboration with the an Intelligence Community Customer, and with the support of Aerstone, one of five companies worldwide certified by the NSA-certified as a vulnerabiliContinuus: a fully compliant Information Systems Continuous Monitoring (ISCM) solution designed for rapid deployment and inexpensive ongoing support. Continuus is on a highly customizable and expandable .NET platform. Continuus delivers real-time ISCM intelligence, with a sophisticated least privilege access model that ensures sensitContinuus platform Meets these challenges this through three key modules:
Request a Demo
Data Management
- Native out-of-the-box data connectors for 50+ different security and related databases (ServiceNow, Carbon Black, Nessus, etc.).
- Optimized cloud-based data extraction to reduce load on production systems while providing near real-time reporting on Enterprise assets.
- Security compliance from the network fabric level down to the system and asset level.
Data Modeling and Risk Analysis
- Pre-built data models that rapidly provide risk insights based on a customizable risk model.
- Sophisticated and customizable security data modeling, based on enterprisedefined thresholds and settings.
- Out-of-the-box rulesets, with the ability to customize for Enterprise needs.
Continuous Monitoring
- Full compliance with NIST SP 800-171 requirements.
- Support for compliance and remediation filtering, with drill-down analysis.
- Historical compliance tracking.
- Support for both data-driven and attestationbased security controls.
- Multiple views of your most important data via traditional graphs and heat maps.
Don’t go it alone!
Blackspoke can help you navigate the complexities of ISCM and FISMA compliance
Challenges
There are a number of key challenges associated with implementing
a workable continuous monitoring (“conmon”) program. These challenges include:
Sprawling networks
Sprawling networks
Many government agencies have geographically dispersed networks that span multiple security classifications
Multiple products
Multiple products
Over time, most government agencies have deployed a large array of security toolsets that do not natively communicate with each other.
Data volume
Data volume
Most security products generate an immense amount of data on a daily basis.
Data complexity
Data complexity
Security products tend to maintain their own individual data architectures, with custom APIs and highly complex and undocumented data models.
Incomplete inventories
Incomplete inventories
Most agencies do not maintain a complete and up-to-date hardware or software inventory, and struggle to trace assets to owners.
Agencies need an ISCM
solution that:
- Satisfies 100% of the NIST and FISMA requirement set
- May be rapidly and inexpensively implemented
- Is easy to support and customize
- Can be customized and expanded
- Can scale to handle the large volumes of data involved
One Continuus customer became the first Federal agency to achieve a Level 4 “Managed and Measurable” FISMA rating for ISCM, securing over 200,000 assets across 1000 systems
on multiple network fabrics.
Continuus provides:
- 1Deep insight into compliance across all eleven (11) NIST 800 SP 137 ISCM domains
- 2Sophisticated and customizable security data modeling, based on enterprise-definable thresholds and settings
- 3Security compliance from the network fabric level down to the system and asset level
- 4Support for compliance and remediation filtering, with drill-down analysis
- 5Complex risk modeling and alerting
- 6Continuous authorization (CATO) workflow management
- 7Historical compliance tracking
- 8Support for both data-driven and attestation-based security controls
