About Soteria Software

Soteria Software was born from the idea of automating the massively manual steps of collecting, classifying, managing, and reporting on cyber compliance.

Our Mission Passion

Soteria Software creates cyber compliance automation software. Using the right technologies for the right purpose, we enable reduction of task-based work around accreditations and ATOs up to 90%.


Our mission. No. Our PASSION is to change the expectation for the world around cyber compliance – to expect hyperautomation, giving you and your team the time, energy and resources for proper cyber hygiene and improved cyber security.

What We Do

Why We Do It

Automation and Tracking around RMF, FedRAMP and Cyber Compliance data from SCAP, Checklists, Audit Compliance Scans (DISA and CIS Benchmarks)

We cannot keep up with changes, patches, good cyber hygeine and battling bad actors by "throwing people at the problem"

Automated documentation for assessments for System Security Plan, Security Assessment Report, and Risk Assessment Report as well as POAM

Tracking CKL and SCAP scans, patch scan PDFs and the other vulnerabilities from container scans and software scans is disjointed

External API for data exchange, automation of upload for scans and continuous monitoring, as well as integration with external systems

Separate MS Excel files for compliance, POAM, SAR, RAR, SSP and other documentation disconnected from source data is hard to keep up-to-date

Reporting for vulnerabilities, differences in checklist data, patches, hardware and software listing, ports/protocols/services listing

We cannot combat bad actors, zero day threats and state sponsored cyber attacks by reviewing things manually

Integrate with DevSecOps / Software Factories to automate secure deployment and delivery based on cyber compliance

Track history and trends of vulnerability scans and numbers across a whole system package

Our Story

OpenRMF Professional

The amount of data to collect, track, analyze, and report is more and more overwhelming. Which means automation must come into play to allow confidence and trust to permeate the process. And de-stress the directors, managers, staff, assessors, and government officials at the same time.


This has been the conversation with us (the owners of Soteria Software) since 2004 when we met at the Navy EOD TechDiv in Indian Head, Maryland. For the next 14 years we kept doing the same thing over and over and saying "there has to be a better way"! And no one solved this growing problem.


So in the summer of 2018 we started working on what has become OpenRMF® Professional! We started with a simple STIG checklist viewer and editing with OpenRMF® OSS.


From then on we have added functionality, APIs, an improved user interface, AuthN/AuthZ, additional scan imports, integration with task management software, updating STIG checklists, bulk editing and locking operations, and more. We were constantly asked for more and more features and saw a need for not just an open source OpenRMF® OSS. We saw a need for the larger organizations, agencies, and even commercial companies to track revisions, merge scans, and perform continuous monitoring.


Our OpenRMF® Professional solution is designed to use your compliance, patch, and vulnerability scans from the ground up. Automate around the data you already need to have. And do so in an automated fashion to make a Live POAM, generate compliance snapshots, track history and configuration management of your data, run data calls, and hyperautomate with our API as part of your larger Cyber Security Mesh Architecture (CSMA).


This company, Soteria Software, was created to fill that need.

Leadership Team

Dale Bingham

Dale is the Chief Executive Officer (CEO) and one of the founders of Soteria Software. He has a Bachelors in Computer Science and a Masters in Computer Systems Management. Dale has been a developer at heart since high school in the early 1990's and has continued that ever since. His desire for automation and security application development has been a driving force in the OpenRMF® journey.


Dale has been a lead software engineer for some time. In the 2000's he learned the STIG process as well as more secure software development when dealing with custom government projects. This put him into the lead whenever STIGs were involved project after project. Seeing the manual nature of this bugged him, which led him to where he is today.

David Gould

Dave is the Chief Information Security Officer (CISO) and the other founder of Soteria Software. He has a Bachelors in Information Technology and Information Security and started as helpdesk then a system administrator and worked into lead system administrator and network engineering roles.


In the 2010's he switched to Information Assurance (IA) which is now cybersecurity and has excelled there as well. With a network and systems background along with a CISSP, Dave has a keen sense of not just what has to be done on the cyber side for policy and security. He understands ways to implement security on the server, network, and application side as well to get a clear picture of cyber from all angles.

We are hunting for GSD'ers

At Soteria Software we believe in the Get "Stuff" Done concept! And we are looking for people with the right attitude and work ethic to be software engineers, test engineers, automation engineers, as well as support and customer service representatives. A great place to start -- go to OpenRMF® OSS . This upstream project is where great ideas happen. Where additions to the ecosystem of OpenRMF® happen. And where can understand the concepts that launched our company.


In today's world...we are ALL Cyber professionals. Check out the project!


Check out our careers page to see what we need. Or just contact us if you think you can add value!

Join the team