SteelCloud ConfigOS – Windows STIG Remediation Demo

Updated June 2016

Welcome to SteelCloud’s updated Windows STIG remediation demonstration using ConfigOS. This video demonstration will show the simplicity of automating STIG policy remediation in a Windows domain and non-domain environment, salong with important new features that have been requested by our clients. ConfigOS is not a simple scanner that tells what you’ve done wrong (such as ACAS, SCAP, Retina et al), but rather a complete remediation solution that changes everything about how you harden systems and stay in compliance. Simply click here to see the remarkable simplicity of STIG remediation, capturing the exact steps and timing to remediate hundreds STIG controls using live software on both physical and VMware virtualized Windows systems – you’ll see STIG management and compliance in a completely difference light!

From this video you’ll get a real sense of SteelCloud’s years of pedigree for productizing STIGs, building on our tremendous experience with the DoD and its mission partners around the world. More importantly, you’ll see how compelling ConfigOS is setting up new environments and maintaining STIG compliance on existing production systems. This demonstration shows complex STIG remediation and the simple process for rolling back these changes. The ConfigOS command line (machine-to-machine) interface that allows ConfigOS to be easily integrated into any security or systems management framework. ConfigOS requires no external communications and is, therefore, a great solution for disconnected networks, labs, and tactical environments.

And, if you are a software or technology company, let us show you how to accelerate your sales into the government by proving that your technology can operate in a STIG-compliant environment.

ConfigOS for Windows requires:
– No network changes
– No security changes
– No communications outside of the client environment
– No additional infrastructure – no web servers, no database servers, and no license servers
– And, it is clientless – nothing to load on target Windows systems

SteelCloud provided tested STIG signatures for:
– Windows XP/7/8/10/2003/2008/2012 – domain & non-domain
– Domain Controller 2008/2012
– Microsoft Office (full suite), IE 10/12, .NET, Chrome, Windows Firewall
– IIS
– Red Hat Linux 5/6/7 (draft), SUSE, CENTOS
– CIS various signatures

Additionally, ConfigOS revolutionizes hardening environments around applications – fully documenting security policy and delivering a secure signature for the user to replicate those policies to other environments. ConfigOS reduces the hardening time/cost by over 90% and the ongoing STIG maintenance cost by 70%. A single instance of ConfigOS can scan up to 5,000 endpoints per hour and can remediate up to 3,000.