Relate DISA STIGs with NIST Controls Seamlessly through RMF CIA or FedRAMP levels and Tailoring. Generate Compliance reports with the click of a button.
Automated POA&M tracking links related STIG Checklists and Patch Scans and their status. Reduce manual workload and build trust and confidence in your data.
Easily upload DISA, Nessus or OpenSCAP scans to create checklists. Upload, update and upgrade STIG Checklists and track version changes automatically. Create Custom Checklists as well!
Quickly gain status across all System ATOs directly, dive into specific system packages to see more detail, track open vulnerabilities and more.
See POA&M status, STIG Checklist and Patch Vulnerability items, PPSM listing, Generate Compliance and assess Risk with a single sourch-of-truth.
Easily upload SCAP scans to create checklists, update checklists via the web, and report on devices and hosts easily. Automatically generate Status (*.pptx).
OpenRMF Professional gives you a single definitive source-of-truth for all STIG Checklists, Patch Vulnerabilities and NIST Controls Compliance across your entire system package.
Remove the manual, cumbersome, error-prone editing of your POA&M status on vulnerabilities and let OpenRMF automate that work for you!
OpenRMF Professional automates many manual tasks, gives you confidence in your data, and builds trust with your team and assessors on your compliance and continuous monitoring.
Multiple roles for users across system packages, data, and actions to allow role-based access control to the System Package or Team Subpackage level
v2.5 introduces Team Subpackages to group checklists and/or devices under teams so they view and manage only their data
Reports for gathering data across your whole system package quickly and accurately on vulnerabilities by status, device, risk, and controls
License is based on the number of Active System Packages being tracked (i.e. an ATO or accreditation), regardless of the number of users, devices, or checklists