Our Expertise
Department of Defense (DoD) contractors and subcontractors must meet a set of cybersecurity standards known as DFARS 252.204-7012. Companies handling Controlled Unclassified Information (CUI) must implement and maintain security controls according to minimum requirements outlined in NIST SP 800-171. H2L Solutions has developed a customer-tailorable hardware/software solution set to meet DFARS 7012 requirements, streamline self-certification, and manage the total compliance life cycle.
Families Of CUI Security Requirements
H2L Solutions specializes in scanning and testing computer systems, networks, and web applications for vulnerabilities.
- Access Control
- Awareness & Training
- Audit & Accountability
- Configuration Management
- Identification & Authentication
- Incident Response
- Maintenance
- Media Protection
- Personnel Security
- Physical Protection
- Risk Assessment
- Security Assessment
- System & Communications Protection
- System & Information Integrity
Compliance Gap Analysis
Before you become DFARS compliant, you must know whether your current networks, systems, and processes meet the standards, and what your end-state goals are. Using a 200-point baseline and review, we analyze your current operational environment in order to gain a complete picture of your security posture and compliance readiness.
Vulnerability Assessment
For all in-scope networks, H2L Solutions will conduct vulnerability assessments to expose potential attack avenues and identify shortcomings in training, processes, and configurations. Vulnerabilities will be classified based on risk level in the context of incident probabilities and potential impacts. Technical descriptions of exploitations and remediation recommendations will also be provided.
SSP Development & Controls Implementation
Once you know where you stand, select appropriate controls and create a System Security Plan (SSP). An SSP describes your environment and outlines how security requirements are met. Still plugging compliance gaps? Draft a Plan of Actions and Milestones (POA&M) to meet goals on time and within budget.