Soteria Software Press Release

May 10th, 2022

OpenRMF® Professional v2.8 Released!

Soteria Software today released their long awaited version 2.8 of the flagship software OpenRMF® Professional.


OpenRMF® Professional is the flagship product of Soteria Software, bringing automation to the Cyber Compliance arena for small and large business, organizations, U.S. Federal government, commerical entities as well as international government groups. It does this through automation of scan data, patch data, vulnerabilities, compliance, controls, reporting, and a live POAM all in a single source of truth. ATOs, accreditation, FedRAMP approval processes as well as continuous monitoring and reporting is cut down by over 50% saving countless hours and dollars and treating cyber compliance and cyber hygeine as a top priority.


There were several major updates to the software that have been requested over the last year. The main highlights are below:

  • Ability to use Audit Compliance Scans from Nessus/ACAS to create checklists
  • Ability to use CIS .audit files to automatically create checklist templates to use for CIS benchmark audit compliance scans
  • Importing directly from SonarQube and Fortify for other vulnerability data to track in a system package
  • Integration with Jira, GitLab, GitHub, and ServiceNow directly to create tasks and issues to track for work performed around OpenRMF® Professional related data and tasks
  • Importing directly from Nessus Professional (ACAS scanner component) to import patch scans and audit compliance scans directly
  • Automatic document generation for DoD compliant System Security Plan (SSP), Security Assessment Report (SAR), and Risk Assessment Report (RAR) for a system package
  • Updated POAM format to match the DoD compliance POAM format
  • A new role to manage all templates, including creating custom checklist templates and CIS checklist templates from .audit files (mentioned above)
  • Reformatted XLSX exports throughout for proper spacing, formatting, color codes, and borders


"With this release of OpenRMF® Professional version 2.8, we have realized 4 years of work toward our initial version of automating cyber compliance", Dale Bingham CEO of Soteria Software stated. "Our Air Force Certificate to field, the Army approval to run the software we have in the Pentagon, as well as the upcoming Navy DADMS approval shows that our ideas and vision around RMF, FedRAMP and cyber compliance automation are badly needed. In the U.S. Federal government, international governments, as well as in commercial spaces assisting and selling to those same groups."


More information on the software release and its availability as well as training can be found at their website www.soteriasoft.com.