Meet NIST 800-171 Security Requirements for CUI Protection
(Facilitate NIST 800-171 and ISO 27001 compliance with the NIST 800-171 security controls in Atomic OSSEC, the most advanced version of OSSEC HIDS.)
NIST Special Publication (SP) 800-171 is a security compliance guideline that primarily affects government contractors and suppliers to the DoD. Federal agencies require NIST 800-171 adherence in contractual agreements with nonfederal organizations that process, store, transmit or protect controlled unclassified information (CUI).
If you’re a federal contractor—or organization using NIST 800-171 as a foundation for ISO 27001 compliance—Atomicorp’s Atomic OSSEC software and professional support can help. We make it easier to address a wider and deeper range of NIST 800-171 security requirement families and individual requirements.
NIST 800-171 Security Requirements and Mapping Controls
Meet NIST 800-171 security requirements with Atomic OSSEC NIST 800-171 controls.
NIST 800-171 3.14 – System and Information Integrity
NIST 800-171 security requirement 3.14 requires flaw remediation; malicious code protection; security alerts, advisories and directives; and system monitoring. Atomic OSSEC has a vulnerability detector that can run daily and collect and analyze a software bill of materials (SBOM) from each monitored system. It also provides AV and antimalware, defense-in-depth lateral movement protection, and active response for both internal- and external-facing server networks. Atomic OSSEC’s leading file integrity monitoring (FIM) capability captures and analyzes change log details in real time, including “who” data. Each collected SIEM log is also analyzed for MITRE CVEs and other vulnerabilities. Atomic OSSEC further expands and sharpens your SIEM data through integrated global threat intelligence and threat advisories that enhance the machine learning system’s ability to recognize malware signatures and anomalous behavior.
NIST 800-171 3.12 – Security Assessment and Monitoring
3.12 calls for a security assessment, a plan of action and milestones (PoAM), and continuous monitoring of CUI data environments. Atomicorp offers security and risk assessment that includes a penetration test and risk and vulnerability report. Our Atomic OSSEC software provides intrusion and malware monitoring and vulnerability detection that can be scheduled in real time. Real-time FIM provides rapid intrusion and malware detection on systems and files and catches traces of compromise and open backdoors that timer-based FIM can miss.
NIST 800-171 3.13 – System and Communications Protection
NIST 800-171 security requirement 3.13 requires controls for boundary protection, information in shared system resources, network communications, transmission and storage confidentiality, cryptographic protections, and more. Atomicorp provides boundary protection through its intrusion prevention and WAF capabilities, which can be used to monitor north-south and east-west network traffic and block malicious addresses, and stop suspicious files, code injections, and privilege escalations. Its workload protection features enable microsegmentation to isolate workloads and avoid cross-contamination on shared resources.
NIST 800-171 3.16 – System and Services Acquisition
NIST 800-171 security requirement 3.16 governs security engineering principles, unsupported system components, and external system services. Atomicorp system security engineering principles start with the tenet of least-privilege access and deny by default. These zero trust foundations extend across modern operating systems, cloud platforms, the software supply chain, and open source software building blocks, to unsupported system components such end of life (EOL) systems. Get the visibility and security control capabilities you need to secure your endpoints and monitor connections and interfaces with external service providers.
NIST 800-171 3.3 – Audit and Accountability
3.3 requires event logging, audit record content, audit record generation, and response to audit logging process failures. It also calls for audit record review, analysis, and reporting; audit record reduction and report generation; time stamps; and protection of audit information. Atomic OSSEC provides auditing tools and process capabilities for meeting audit and accountability (AU) control requirements. These include nonrepudiation of users, event review, alerts related to process failure, audit information correlation, audit integrity assurance, audit information protection, and overall AU management.
NIST 800-171 3.7 – Maintenance
NIST 800-171 3.7 requires maintenance tools, nonlocal maintenance, and maintenance personnel. Atomic OSSEC facilitates system maintenance by providing tools to scan for malicious code, manage and track changes, make updates, and harden and back up proper configurations and compliance settings. It can also scan for missing patches, and scan connecting, nonlocal media for issues. All Atomicorp commercial offerings come with professional maintenance support.
Additional NIST 800-171 Security Requirement Families . . .
Atomicorp assists across additional NIST 800-171 security requirement families such as supply chain risk management (NIST 800-171 3.17), risk assessment (NIST 800-171 3.11), and configuration management (NIST 800-171 3.4). The graphical user interface (GUI) and management dashboard in Atomic OSSEC makes NIST 800-171 compliance, analysis, and reporting easier.
Learn more about Atomic OSSEC.
A NIST 800-171 Compliance Solution
Get NIST 800-171 compliant or use it as a framework for ISO 27001 compliance. The Atomic OSSEC detection and response system serves as a powerful security compliance solution that enables organizations to meet the software and system security controls in NIST 800-171 and overlapping ISO 27001.
Visit our Server and Cloud Compliance page.