Armis secures US DoD Impact Level 4 authorisation
Washington, United States – Armis, an asset visibility and security company, announced that it has achieved U.S. DoD Defense Information Systems Agency (DISA) authorisation to operate (ATO) at Impact Level 4 (IL4). This authorisation signifies that Armis has met the DoD’s strict requirements for the government’s sensitive Controlled Unclassified Information (CUI). DoD customers can now take advantage of Armis’s secure, agentless, unified asset management for IT, OT and IoT devices.
The IL4 ATO is part of continued public sector momentum for Armis, following the achievement of a FedRAMP Moderate Authority to Operate (ATO) in January of this year. These dual votes of confidence mean that any civilian and DoD agency can now take advantage of the AVM platform available.
“There is no more important group of organisations that needs complete situational awareness of their network environment than those who defend our nation,” says Brian Gumbel, president of Armis. “Our platform discovers, aggregates and correlates all asset information into a single source of truth and identifies vulnerabilities to mitigate risks. Armis will now be able to help DoD meet the challenges of a perimeter-less world and an ever-evolving cyber threat landscape.”
Many public sector organisations experience a “visibility gap” where IT and security leaders can’t see all the vulnerable assets within their environment. You can’t protect what you can’t see, and the DoD can no longer depend on conventional perimeter-based or identity-based defenses alone to protect critical systems and government data. Accelerating migration to the cloud, the convergence of IT/OT/IoT and increases in near-peer adversary capabilities have changed how the DoD must approach cybersecurity.
Armis automatically generates a complete inventory of devices in your enterprise environment – on or off the network. The breadth, depth, and accuracy of the Armis asset inventory and device discovery exceeds that of other products available today. Agencies say they see 50% to 70% more connected devices using Armis technology, giving them the situational awareness they need to protect their networks.
Many security frameworks, such as the NIST SP 1800-35A on implementing a zero trust framework, start with inventory. Being aware that assets exist is a prerequisite for cybersecurity but isn’t enough. DoD IT leaders need to know whether devices are risky. After discovering and classifying each asset, Armis calculates its risk score. This risk score helps security teams take proactive steps to reduce their attack surface and meet compliance and regulatory frameworks that require agencies to identify and prioritise vulnerabilities. The score is based on multiple risk factors including software vulnerabilities, known attack patterns, connection security, and the observed behavior of each device.
“This new IL4 authorisation is testament to Armis’s commitment to supporting the U.S. Federal government. We are honored to be a trusted partner in helping agencies adjust to an increasingly dangerous cyber environment,” continues Gumbel.
Armis helps to see and secure some of the largest U.S states and government departments in the world protecting federal, state and local entities from cyber criminals, rogue nations and other bad actors. It also secures critical infrastructure at some of the largest airports, ports and healthcare delivery organisations around the world. Companies trust Armis’ real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS) and 5G. If you would like to know more about Armis’ solutions, visit Armis or contact here.
Comment on this article below or via Twitter @IoTGN