Community


Lisa Umberger

24 September 2019


Onyx Point, Inc, announced today that its SIMP Product has been certified by CIS Benchmarks ™ to enforce the configuration status of Operating Systems against the consensus-based best practice standards contained within the following benchmarks:

  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Server
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Server
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Workstation
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Workstation
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Workstation Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Workstation Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Server Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Server Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Workstation Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Workstation Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Server Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Server Profile

Organizations that leverage SIMP can now ensure that the configurations of their critical assets align with the CIS Benchmarks consensus-based practice standards.†

SIMP is a unified security and compliance product that contains enforcement, remediation, and reporting capabilities for Linux and Windows. SIMP can drive configuration management systems such as Puppet as well as report on your infrastructure via a web user interface.

This certification is issued by CIS ® (Center for Internet Security, Inc.) “Cybersecurity challenges are mounting daily, which makes the need for standard configurations imperative. By certifying its product with CIS, Onyx Point, Inc has demonstrated its commitment to actively solve the foundational problem of ensuring standard configurations are used throughout a given enterprise,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group.

† When running the Enterprise or Lite editions, at least version 1.0.0 of the simp_cis_profiles module, enforcing the cis:el7:v2.2.0 SCE profile, and with the exceptions documented under the modules’s README.md

About CIS
CIS® (Center for Internet Security) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cybersecurity threats. CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, local, tribal, and territorial government entities. To learn more, visit CISecurity.org or follow CIS on Twitter: @CISecurity.

CIS, SecureSuite, CIS Benchmarks, CIS-CAT, PCI Compliance, FISMA, CIS Controls


Brandon Riden

16 September 2019


Onyx Point, Inc. is pleased to announce that the final release for SIMP 6.4.0-0 is now available.

Community Edition ISOs can be downloaded from our download servers.

Enterprise customers can obtain the Enterprise Edition ISOs using the instructions.

programming, open-source, simp, enterprise


Trevor Vaughan

22 July 2019


Recently, we performed an analysis of the NIST 800-53 and CNSSI 1253 in relation to basic container environments.

We are pleased to present the results of this analysis in a paper entitled Container Guidance for Federal Information Systems.

containers, whitepaper, NIST 800-53, CNSSI 1253, federal


Kara Pritchard

17 July 2019




(IBM - Boulder, CO) “We chose SIMP Enterprise Edition (EE) to provide multi-tenant compliance enforcement for our federal customers. As an existing Puppet Enterprise (PE) environment, deploying SIMP was an easy decision. Our teams found added value in our project through an extended on-site engagement with Puppet Partner, Onyx Point, Inc.

Not only did SIMP EE provide an important solution, but the Partner was also able to upgrade our PE environment and integrate CloudBolt. The added expertise and ease of support throughout this project is what makes us continue to invest in SIMP within our infrastructure.”


KRISTOPHER A. FRANKLIN
Technical Delivery Manager - Infrastructure Automation
Managed Services & Cloud Solutions


simp, enterprise


Dylan Cochran

07 May 2019


SIMP Console 1.0 Available

Today marks a benchmark for SIMP products as we are excited to announce the availability of SIMP Console 1.0.0.!

The SIMP Console provides insight into your system’s continuous compliance posture and integrates data from the SIMP Compliance Engine to visualize the state of your Puppet-applied module parameters.

Out of the box, SIMP Console includes:

  • Support for ingesting XCCDF(SCAP) results from a number of scanning engines
  • Integration with SIMP Compliance Engine (SCE) to provide puppet oriented context information
  • Reports generated in XLS, HTML, and PDF format
  • Notification system for forwarding results to Email and Slack
  • A client side scanning utility that automates scanning and collection for console feed
  • Integration with AD, LDAP, and Google Authentication
  • Full Role Based Access Control (RBAC) and delegation of privileges by assigning users specific roles on a subset of nodes
  • A fully featured plugin system to access/create notification services, scan types, custom reports, and authentication backends

simp, simp-console, console, ui, enterprise

We work with these Technologies + Partners

puppet
gitlab
simp
beaker
redhat
AFCEA
GitHub
FOSSFeb