SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.  We are a U.S. small business located in Northern Virginia, in the metropolitan Washington DC area.  SteelCloud makes “hard things, simple” – working with government organizations, federal contractors, large corporations, and the vendors that supply technology to our customers.

Information Assurance Experience – SteelCloud brings a unique IA perspective to our customers and partners.  We have years of experience in manually hardening systems creating the foundation for developing exciting new patented technologies for automating STIG and CIS remediation.  We have implemented policy-compliant solutions in each of the DoD Services, and in major DoD and Civilian agencies – both in the U.S. and around the world.  SteelCloud was instrumental in hardening one of the first DoD applications to get an ATO in the Amazon AWS commercial cloud.  As with all of our initiatives, we strive to simplify government security mandates and give our customers back the agility necessary to exceed mission their objectives.

STIG Remediation & Beyond – SteelCloud developed our patented ConfigOS policy remediation solution as a direct result of years of security administration work.  ConfigOS was designed as a software product to reduce the time to harden an environment around an application by over 90% and ongoing STIG compliance costs by more than 70%. In under an hour, ConfigOS allows a user to evaluate and harden every STIG control around an application – creating a securely “perfect” environment. ConfigOS now delivers all of its IA power using the Center for Internet Security (CIS) benchmarks. ConfigOS can achieve similar results for any organization with secure policy requirements.

Our Customer Experience – SteelCloud has delivered our technology in virtually every type of environment.  Our experience includes classified, tactical, weapon systems, air-gapped labs, and the commercial cloud.  Our smallest program has less than a dozen endpoints and our largest has thousands.  SteelCloud makes procurement easy.  We hold our own GSA schedule which allows us to contract directly with the government and their mission partners.  We also maintain relationships with organizations that have access to all of major GWACs and BPAs.  Major technology vendors have partnered with SteelCloud to better serve their customers.  Our technology allows vendors to more easily test and support their products in STIG and CIS-compliant environments.  Additionally, for government contractors that have DFARS mandates for NIST 800-171 compliance, we have provided our STIG automation solution so that they can quickly and easily bring, and keep their systems in compliance.