Browse Products & Solutions
- Asset & Expense Management Assessment
- Breach Notification Plan Assessment
- Business Continuity Planning Assessment
- CMMC
- Compliance Assessment
- Compliance Data Center Technology Cyber Security Cloud
- Cyber Risk Assessment
- Cyber Security Program Development Assessment
- Dark Web Assessment
- Disaster Recovery Planning Assessment
- Email Threat Assessment
- Governance Program Development
- HIPAA
- HITECH
- HITRUST
- ISSO 27001
- Incident Response Plan Assessment
- Penetration Test - PenTest
- Policy Review Assessment
- Mobile Security Assessment
- Pre Audit Readiness Assessment
- Privacy Assessment
- Readiness Assessment - CMMC, SOC, HITRUST, HIPPA, HITECH, ISO 27001
- Regulatory Compliance Gap Assessment (GDPR, CCPA, CMMC)
- Security Impact Assessment
- Short Tenure Time Watch
- SOC 1
- SOC 2
- SOC 3
- SOC for Cybersecurity
- SOC for Vendor Supply Chain
- Third-Party Risk Assessment
- Vendor Risk Management Assessment
What You Need To Know
The Cybersecurity Maturity Model Certification (CMMC) is the standard response from the Department of Defense regarding notable compromises within contractors' information systems. It is used for implementing cybersecurity throughout the defense industrial base (DIB), which consists of over 300,000 organizations.
Latest Update
Version 1.0 was published January 31, 2020
Who Requires It?
All Department of Defense contractors require a CMMC certification, including all suppliers in the supply chain, SMBs, commercial contractors, and foreign suppliers.
Assessment
Contractors are responsible for implementing, monitoring, and certifying proper security is in place for protecting their data systems and any important DoD information. However, an independent 3rd party is also required to assess the contractors' compliance.
Framework
Five (5) certification levels are required to confirm proper security:
1. Fundamental Cyber Hygeine - using antivirus applications, employee password update protocols
2. Intermediate Security - protection of Controlled Unclassified Information (CUI) using portions of the S Department of Commerce National Institute of Standards and Technology's (NIST’s) Special Publication 800-171 Revision 2 (NIST 800-171 r2) security requirements.
3. Utilizing all NIST 800-171 r2 Security Requirements in an organization-wide cyber protection plan
4. A review board is in place to evaluate instilled practices, techniques and procedures
5. Set a standard process to detects and respond.

Coyote Brown
Let's Talk CyberWe are a Cyber Security Consulting & Advisory Firm composed of highly experienced strategic cybersecurity advisors and consultants helping clients maintain a healthy cyber security posture.

Devo
Cloud-native logging and security analytics to confidently
Palo Alto Networks
We’re committed to delivering security without compromisePalo Alto Networks, Inc., operates a multinational cybersecurity company that provides advanced firewalls and cloud-services.

Strike Graph
Get certified. Build trust. Win deals.Strike Graph customers earn audited SOC2 security certifications with confidence.

AppViewX
AppViewX is the Next-Gen Machine Identity Management, Automation and Orchestration platform for Enterprise IT.

Aqua Security
Aqua protects applications from development to production, across VMs, containers, and serverless workloads,
up and down the stack.

BrandShield
BrandShield prevents, detects and fights online scams: phishing attacks, fraud, executive impersonations and more.

Deceptive Bytes
Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Fortalice Solutions
We transform a reactive security model into a proactive, results-based model.Their highly-skilled practitioners are trained to meet clients where they are – whether that be in the midst of a crisis or proactively seeking cybersecurity services.

Infoblox
Infoblox delivers essential technology to enable customers to manage, control and optimize DNS, DHCP, IPAM (DDI).

Infocyte
Infocyte is a globally trusted leader in proactive threat detection, Microsoft 365 security compliance, and incident response.

Kenna Security
Kenna Security saves you time and money, and helps your Security and IT teams work more efficiently.

Trend Micro
A global leader in cybersecurity that helps make the world safe for exchanging digital information.

Quantum Armor

BeyondTrust
BeyondTrust is a global leader in Privileged Access Management (PAM), empowering companies to protect and manage their entire universe of privileges

CyberArk
CyberArk leads the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets

Armis
Armis Security - Agentless Device Security PlatformArmis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices.

Blackpoint Cyber
Managed Detection and ResponseBlackpoint Cyber is a technology-focused cybersecurity company headquartered in Maryland, USA. The company was established by former US Department of Defense and Intelligence security experts and leverages its real-world cyber experience and knowledge of malicious tradecraft to help MSPs safeguard their infrastructure and operations.

Expel
Managed Detection and Response (MDR) SOC as a ServiceExpel - Transparent SaaS (SOC as a Service)

IronNet Cybersecurity
Network Detection & ResponseIronNet Cybersecurity is a global cybersecurity leader that is revolutionizing how enterprises, industries, and governments secure their networks

OneLogin
Password ManagementOneLogin by One Identity provides Identity and Access Management (IAM) solutions. OneLogin provides you with everything you need to secure your workforce, customers, and partners at a price that works with your budget. OneLogin secures over 5,500 customers worldwide, including Airbus, Stitch Fix, and AAA.

Semperis
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments.

Vanta
Automated security monitoring for compliance certifications: SOC 2, HIPAA, and ISO 27001

Tugboat Logic
Like the immortal tugboat, we're passionate about guiding you through the rough seas of information security and privacy into the calm waters of proven policies, practices and compliance.

Cybereason
Endpoint Detection and ResponseCybereason provides cyber attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. Cybereason's Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a MalOp (malicious operation). Cybereason is a privately held, international company headquartered in Boston with customers in more than 40 countries.

Drata

Gradient Cyber
Trusted Security Operations as a Service.Gradient is a total solution that is a powerful combination of proprietary technology and Sr. Cybersecurity Analysts that make the job of managing security much easier for smaller IT teams; without breaking the bank.

Keeper Security
Password ManagementKeeper Security is a Password Management SaaS Platform that helps you manage, protect and monitor all your organization's passwords, secrets and remote connections with zero-trust security.

1Password
Password Management1Password is trusted by more than 100,000 businesses to protect their data, 1Password gives you complete control over passwords and other sensitive business information.
1Passworkd is a key asset of the Identity and Access Management (IAM) stack, 1Password protects all employee accounts – even those you aren’t aware of. Give employees secure access to any app or service and safely share everything you need to work together – including logins, documents, credit cards, and more – while keeping everything else private.
1Password is easy to deploy and integrates with Azure AD, Okta, OneLogin, and Slack, so you can automatically provision employees using the systems you already trust. It’s simple to manage and fits seamlessly into your team’s workflow, so you can secure your business without compromising productivity.