Company achieves second Department of Defense continuous authorization to operate (cATO) enabling MCRC to develop a more strategic and proactive defense posture through continuous monitoring
AttackIQ, the leading independent vendor of breach and attack simulation (BAS) solutions and founding research partner of MITRE Ingenuity Center for Threat-Informed Defense (CTID),announced it has been granted a cATO by the U.S. Marine Corps Recruiting Command (MCRC). Senior officials granted this approval to launch the company’s BAS platform within the MCRC based on an in-depth, risk-based security assessment.
CIO INFLUENCE : Why Should Companies Invest in a Strong ZTNA Technology
AttackIQ is the first BAS platform to receive this cATO designation. It will enable the USMC MCRC to move from a traditional risk management framework ATO, which does not provide for continuous monitoring of risk, to a cATO, which supports continuous active penetration testing. AttackIQ’s cATO was successfully granted a Moderate classification after a thorough, multi-phase process that began in 2023 and included several levels of evaluations and rigorous security assessments. AttackIQ collaborated with SDA Solutions, LLC., a provider of best-in-class IT operations, systems and security engineering, cybersecurity, and test and evaluation solutions, to launch the process.
“Using AttackIQ’s platform, we now know if the investments that we have made to protect our data are working and where we have gaps in coverage,” said Dr. Thurman Dubberly, Deputy CIO, Marine Corps Recruiting Command. “This data-driven visibility enables our security team to provide near real-time answers to questions such as whether or not we are vulnerable to the ‘named exploit of the day’ from our CIO or higher headquarters. It has allowed us to move beyond a compliance checklist, understand the real residual risk at which we operate, and prioritize our actions based on viable attack surface, instead of playing whack-a-mole.”
CIO INFLUENCE ARTICLE : Unlocking the Code: Key Differences Between Networking and Cloud Computing
15 U.S. government agencies and organizations, including customers in the legislative branch, intelligence community, defense agencies, and numerous executive branch civilian agencies, trust AttackIQ’s platform to validate their security continuously and achieve a threat-informed defense at scale. AttackIQ has held an ATO with the U.S. Army since 2022, allowing them to use AttackIQ’s BAS platform to develop a more strategic and proactive defense posture across their mission-critical assets in support of warfighters around the globe.
“This cATO is a testament to AttackIQ’s ability to deliver the technology and knowledge our nation’s most critical organizations need to stay ahead of today’s rapidly evolving threat landscape,” said Carl Wright, Chief Commercial Officer at AttackIQ. “It has been a privilege to help the USMC validate the efficacy of existing security investments and prove beyond a shadow of a doubt that attack vectors have been closed and risk has been reduced.”
CIO INFLUENCE ARTICLE : Top 10 Tech Events CIOs Must-attend in 2024
[To share your insights with us as part of editorial or sponsored content, please write to sghosh@martechseries.com]
