ARC-P Continuous Monitoring

ARC-P CM - Continuous Monitoring, Reporting and Management

Autonomic Resources offers Continuous Monitoring, Reporting and Management as a monthly service supporting FISMA and FedRAMP accredited environments providing clients with vulnerability assessment, management, and reporting services. This service shifts the reporting burden from the client to Autonomic Resources.

Additional Info

SIEM Tool Deployment and Configuration

Autonomic Resources provides a Security Information & Event Management (SIEM)/Continuous Monitoring Tool Deployment services that include the installation and initial configuration of the SIEM tool:

  • SIEM tool and continuous monitoring strategy development based on FedRAMP control requirements
  • The configuration of  SIEM tool underlying operating system  
  • The installation of SIEM tool
  • The installation Log Correlation products
  • The configuration of the SIEM tool  in support of required FedRAMP Continuous Monitoring requirements

ARC-P CM service offering includes:

  • Maintain, operate, and secure SIEM Tool underlying Operating System (patches and upgrades)
  • Maintain and update SIEM Tool and scanning tools as software updates/releases are made available by SIEM and other related vendors
  • Daily monitoring of event alerts, ticket generation and resolution, and/or escalation to Client ISSO
  • The creation and maintenance of nightly OS Scans
  • The creation and maintenance of quarterly and annual external web interface and database scans
  • Scanning of client  developed custom code
  • Monthly, quarterly and annual reporting
  • Plan of Action & Milestones (POA&M update)
  • Create deviation requests as necessary
  • Policy Review and Update
  • System Security Plan update coordination
  • Update Master Inventory
  • Annual and quarterly onboarding Security Awareness training (material and delivery for up to 5 security roles)
  • Coordination, updating and oversight of plan testing that includes:
    • Contingency Plan
    • Incident Response Plan
    • Configuration Management Plan (updates only)
  • Support unannounced penetration testing by 3PAO  
  • Support annual testing of control subset by 3PAO
    • Support evidence request from 3PAO for annual (reports, scan schedules and settings)

*Major system change testing will require a change order or separate statement of work.

Who Should Utilize ARC-P CM?

Entity Cloud Service Model Deployment Model
CSP IaaS Private Cloud
Agencies SaaS Community Cloud
Vendors PaaS Public Cloud

 

 

 

 

 

Benefits of ARC-P CM:

By leveraging these services offered by Autonomic Resources, our clients take advantage of these benefits:

  • Take advantage of Autonomic Resources FedRAMP experience and proven FedRAMP accreditation track record
  • Reduce or reallocate 1.5 Full Time Staff by shifting day-to-day monitoring activity burden to Autonomic Resources
  • Ensure the proper FedRAMP controls are administered for the Annual Authorization and Accreditation
  •  Real-time monitoring and response to threats 
More in this category: Request an ARC-P CM Quote »

  ARC-P Continuous Monitoring

Delivery Model

Self Managed
Fully Managed

Contracts Available

GSA – STARS II
(Cloud services and integration services)

DOI – Foundation Cloud
(Available to all civilian & DoD agencies)