Continuous Monitoring

Integrated services, best practices, and automation tools for continuous diagnostics and mitigation from Telos Corporation -- the leader in federal cybersecurity.  

Achieving continuous monitoring requires a balanced combination of processes, people, and technologies to help organizations automatically detect, report and correct vulnerabilities in their IT environments.

These factors make Telos Corporation a logical choice for developing, deploying and supporting your continuous diagnostics and mitigation efforts.  We tailor our cybersecurity services and solutions to our customers’ specific technology and business environment – a key requirement for effective continuous monitoring.

Cybersecurity services: skills and experience count in continuous monitoring.

Telos has provided cybersecurity services to the DoD, the Intelligence Community, federal civilian agencies, and commercial business for more than 20 years.  Telos employs over 140 cybersecurity analysts and engineers, most holding major security certifications (CISSP, CISA, CCNA) with clearances up to TS-SCI, allowing us to work at the highest levels of security sensitivity. 

Telos works with agencies to help them establish, implement, and maintain a continuous monitoring program in accordance with guidance from NIST SP 800-137: Define continuous monitoring strategy; Establish measures and metrics; Establish monitoring and assessment frequencies; Implement a continuous monitoring program; Analyze data and report findings; Respond with mitigating strategies, or transfer or accept risks; and Review and update continuous monitoring strategy and program.

Our work is informed by relevant guidelines for continuous diagnostics and mitigation such as NIST’s Risk Management Framework (SP 800-37), SP-800-137, SP-800-39, and others.  Our staff’s professional qualifications, combined with over two decades experience in providing security services, demonstrate our ability to provide world-class security services to our customers.

Best-of-breed approaches and processes for continuous monitoring.

Telos adheres to established IT security processes and frameworks to ensure the continuous monitoring and management of security postures.  Our services and solutions reflect the recommendations of the NIST Risk Management Framework; the Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) model for continuous asset evaluation and risk scoring; the emerging FedRAMP requirements for assessing, authorizing and continuously monitoring cloud solutions, and others. 

Automation tools: streamline processes for continuous monitoring and security risk assessment.

Human judgment is essential in sound cybersecurity assessment and monitoring. But automation tools can also streamline processes and help eliminate errors and oversights.  That’s why Telos’ risk management solutions support continuous monitoring and related activities with automation capabilities wherever they improve accuracy and efficiency. 

“Real‐time monitoring of implemented technical controls using automated tools can provide an organization with a much more dynamic view of the security state of those controls.”  NIST SP 800-137

Telos’ Xacta^® IA Manager offers continuous assessment capabilities that enable organizations to track the security state of a wide range of information systems on an ongoing basis and maintain the security authorization for the systems over time. Its elements work together to provide CISOs and other senior leaders with a dynamic view into the current status of security controls.

Xacta Continuous Assessment: Situational awareness of risks and threats.  Xacta Continuous Assessment automatically detects changes to the IT environment so you’re always aware of potential risks and threats. Its automatic vulnerability update service delivers the right guidance at the right time about what actions to take in response to potential threats.

Xacta Flux: Automate mapping of IT asset scans to the relevant controls.  Xacta Flux correlates scans from multiple disparate sources on the fly to the corresponding standards for security and risk management, such as NIST, DIACAP, DCID, and others.  You can then use these results to create reports for analysis and to understand trending security issues in your environment.

The elements of Xacta IA Manager work together to support continuous monitoring of your cybersecurity posture with continuous diagnostics and mitigation of vulnerabilities in your IT environment.