Continuous compliance monitoring of information systems has long been a policy goal for improving the security posture of enterprise networks. Achieving continuous compliance monitoring requires a balanced combination of processes, people, and technologies to help agencies automatically detect and report vulnerabilities in the IT environment and maintain compliance with security controls.
These factors make Telos Corporation a logical choice for continuous compliance monitoring programs. We tailor our services and solutions for information and cyber security to our customers’ specific technology and business environment – a key requirement for effective continuous monitoring.
Telos has provided cyber security services to commercial business, the DoD, the Intelligence Community, and federal civilian agencies for nearly 25 years. Telos employs over 120 cyber security analysts and engineers, most holding major security certifications with clearances up to TS-SCI, allowing us to work at the highest levels of security sensitivity.
Our work is informed by relevant guidelines such as NIST’s Risk Management Framework (SP 800-37), NIST’s guidance for information security continuous monitoring (SP-800-137), the NIST Cyber Security Framework, and others. Our staff’s professional qualifications, combined with over two decades experience in providing information security services, demonstrate our ability to provide world-class security services to our customers.
Telos adheres to established IT security processes and frameworks to ensure the continuous compliance monitoring and management of security postures. Our services and solutions reflect the recommendations of the NIST Risk Management Framework; the Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) model; the FedRAMP requirements for assessing, authorizing and continuously monitoring cloud solutions, and others.
Human judgment is essential in sound cyber security assessment and monitoring. But automation tools can also streamline processes and help eliminate errors and oversights. That’s why Telos’ risk management solutions support continuous compliance monitoring and related activities with automation capabilities wherever they improve accuracy and efficiency.
Telos’ Xacta® suite of solutions offers continuous compliance assessment capabilities that enable organizations to track the security state of a wide range of information systems on an ongoing basis and maintain the security authorization for the systems over time. Its elements work together to provide CISOs and other senior leaders with a dynamic view into the current status of security controls.
Its tightly integrated, complementary components include:
Xacta Continuum®: to organize your IT asset data and automate mapping of IT asset scans to the relevant controls.
Xacta HostInfo: to gather the information needed for security assurance.
Xacta Detect: to manage agent tasking and collect vulnerability and configuration data.
“Real‐time monitoring of implemented technical controls using automated tools can provide an organization with a much more dynamic view of the security state of those controls.” NIST SP 800-137
Telos: A deep legacy in continuous monitoring.
The cyber security professionals at Telos Corporation have been advocates of continuous compliance assessment, monitoring, and enforcement for more than a decade.
We first conceived of continuous assessment in 1999 as part of our long-term strategy to make the C&A process more meaningful — less about documentation and paperwork drills, more about understanding risk posture on an ongoing, continuous basis.
Telos introduced its patented continuous assessment functionality in Xacta in February 2003. Today our cyber security personnel continue to monitor and protect some of the largest networks in the world and continually enhance the capabilities of Xacta for today’s continuous compliance monitoring requirements.