New features will help government and commercial companies more easily achieve and maintain compliance with common industry benchmarks

SAN FRANCISCO: RapidFort, a leading innovator in cybersecurity pioneering Software Attack Surface Management (SASM), has added a new compliance capability to its platform to help both government and commercial organizations benchmark their container images against the Security Technical Information Guide (STIG) framework. In thirty seconds or less RapidFort scans for and identifies configuration errors and vulnerabilities in code, generating an executable script and automatically remediating identified risks.

Compliance plays a critical role in regulated industries like fintech, healthcare, and critical infrastructure, and RapidFort customers now have access to tools that will help them identify, achieve, and maintain compliance with their necessary industry standards. Government organizations that work with the Department of Defense (DoD) must comply with STIG configuration standards for device hardware and software that help safeguard the DoD’s IT network and systems.

“Compliance benchmarking is essential for businesses within regulated industries as well as companies using containers with intellectual property or customer data,” said Mehran Farimani, CEO of RapidFort. “With regulatory requirements only growing, we recognize the challenge this can present to security and development teams, so we wanted to give our customers an easier way to achieve their compliance requirements. Our simple and easy-to-use tool can now quickly benchmark their containers, and automatically address any vulnerabilities within the code, reducing manual code changes and compliance headaches.”

The compliance features are built into RapidFort’s innovative SASM platform, designed to identify and remove unused components without altering the software's behavior, resulting in smaller, more performant and secure software. RapidFort’s flagship runtime toolset, RapidFort Runtime, scans, profiles, monitors, and secures containers in production environments, pinpointing vulnerabilities within applications' execution paths. This comprehensive approach enables teams to protect their infrastructure and maintain compliance by automatically removing unused components and undetected vulnerabilities, reducing software attack surfaces by more than 80%.

Large portions of the STIG Toolset were developed through contracts with SpaceWERX. SpaceWERX is the innovation arm of the United States Space Force and blends the best of commercial innovation with the needs of United States Space Guardians. The enterprise version is available on RapidFort’s website, while the Department of Defense version is available for download at USAF PlatformOne Ironbank.

For more information about RapidFort’s new compliance tool, visit https://www.rapidfort.com/.

The views expressed are those of the author and do not necessarily reflect the official policy or position of the Department of the Air Force, the Department of Defense, or the U.S. government.

About RapidFort

RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure software development. Learn more about RapidFort at https://www.rapidfort.com/.

About SpaceWERX

As the innovation arm of the U.S. Space Force and a unique division within AFWERX, SpaceWERX inspires and empowers collaboration with innovators to accelerate capabilities and shape our future in space. Headquartered in Los Angeles, SpaceWERX employs 40 military, civilian and contractor personnel executing an annual $457 million budget. Additionally, SpaceWERX partners with Space Systems Command's Commercial Space Office (COMSO) as a collaborative program. Since it was aligned under AFRL in Aug. 2021, SpaceWERX has executed 1106 contracts worth more than $897 million to strengthen the U.S. defense industrial base and drive faster technology transition to operational capability. For more information, visit spacewerx.us.

Fonte: Business Wire