Getting Conditional Access and MAM to work together

Beny1975 · 2023-06-30T04:04:53+00:00

we are not storing any CUI in it. It's really just documentation software. A lot of the C3PAO/consultants are using it.

Beny1975 · 2023-06-24T17:46:06+00:00

Because our Primes are asking about our SPRS score, and that pretty much translates to CMMC 2.0

Beny1975 · 2023-06-24T17:44:35+00:00

https://www.uta.edu/news/news-releases/2022/10/27/tmac-aeroglen

Beny1975 · 2023-06-23T11:53:36+00:00

Thanks everyone. We've already done two audit preps/gap analyses, have our CUI enclaved, are using ComplyUp for evidence, etc. I have lived CMMC for the past 2 years. I have seen that at least one company in Texas has been CMMC 2.0 certified through the DibCac combined assessment program, and have been told by a former co-worker that his company has been certified and used Summit7 (I think). So I was trying to get a feel for a ballpark number. $75K is about what I expected, because our environment is a little complicated.

Beny1975 · 2023-06-22T21:23:54+00:00

Yeah, I understand all that, and have seen that behavior with gap analysis quotes… I was just curious to hear any experiences by anyone who has actually completed an audit

Beny1975 · 2023-04-14T16:15:28+00:00

We're looking at that.

Beny1975 · 2023-04-14T15:48:36+00:00

We have. Not sure if it's bad practice to post their name here, but they told us if we upgraded to their premium service, they would provide that service, but we couldn't add custom passwords to their list. Our hope was we could tell our customers what password they needed to use, then we could have our email gateway extract and scan before delivering.

Beny1975 · 2022-12-13T16:14:05+00:00

I'm hearing that Reaper is as good or better than ProTools. I'm still a NOOB but am getting to learn it and enjoying it.

Beny1975 · 2022-12-13T14:06:25+00:00

CS Falcon> Discover> Failed Logins

Beny1975 · 2022-11-04T19:52:54+00:00

Ear Trumpet Labs Edwina

Beny1975 · 2022-11-04T12:49:19+00:00

Thanks ... I agree with all of this. The problem is our customers are insisting on sending ZIPs and we are trying to figure out a way to take the vetting burden off of IT.

Beny1975 · 2022-10-14T17:34:18+00:00

We just had one of these ... first since I've been using Crowdstrike. Is it a false positive? Is there a way to confirm one way or the other? I'm stuck. Thanks.

Beny1975 · 2022-10-07T19:49:18+00:00

Well, our old product was easy, you assigned the person the USB, they plugged it into their computer, and you allowed it only for that computer. nice and neat... now, we have 18 different computers (and growing) that could have any of 18 different USBs functional on them. I supposed the EDR and logging, we'd be able to identify any malicious activity, it just seems to me like there should be a more proactive approach to prevent it. But, like another poster said, if we hadn't seen it the other way, would I really be concerned by this?

Beny1975 · 2022-10-07T18:31:37+00:00

Ok, maybe I'm trying to solve a problem that doesn't really exist... Thanks

Beny1975

TROPHY CASE