We currently support 1,100+ automated individual checks per device and we are adding more every day. Squirrel Defender supports DoD’s Comply-to-Connect (C2C) and Information Security Continuous Monitoring (ISCM) initiatives.
Automated CCRI SAV
The U.S. DoD is continuously implementing new methods to ensure information security (INFOSEC). The Defense Information Systems Agency (DISA) releases Security Technical Implementation Guides (STIG) and Security Recommendations Guides (SRG) to assist with the protection and defense of the systems that support military readiness and operations. Command Cyber Readiness Inspections (CCRI) are performed to assess defensive posture as it relates to STIGs best practices.
Squirrel Defender automates the tedious manual process of determining if your network devices are configured in accordance with the appropriate DISA STIGs. Defender uses interactive workflows to guide you through automating the remediation process which further reduces the level of effort to maintain your Risk Management Framework (RMF) security controls and posture.
Know your network better than your adversaries.


Solution Features
1. Risk scoring for software and configuration vulnerabilities using NIST and DISA classification standards
2. Analysis and reporting of out-of-support device operating systems, chassis hardware and hardware modules
3. DISA STIG/SRG configuration vulnerabilities analysis and reporting
4. 100% on-premises - no information leaves your site
5. Ad-hoc audits to address out-of-cycle software vulnerabilities analysis
6. Automated remediation of DISA STIG/SRG configuration vulnerabilities
7. No sampling; all devices and interfaces are inspected ensuring thorough compliance
8. On-site support included in the cost of the subscription
Trusted to secure the networks of the U.S. defense community
Squirrel’s Defender product is used by the U.S. Department of Defense to provide continuous vulnerability monitoring and remediation of its network infrastructure environment.
References are available upon request.


CAGE Code
80EX3
NAICS
519190 | 541310 | 541330 | 541511 | 541512 | 541513 | 541519 | 541690 | 611420 | 511210
DUNS
080982289
Supported DISA SRGs & STIGs*
-
Firewall SRG v1 r3 for Cisco ASA
-
Network WLAN STIG v6 r15 for Cisco WLC
-
Network Infrastructure Policy STIG v9 r10
-
Cisco IOS Switch L2S STIG v2 r2
-
Cisco IOS Switch NDM STIG v2 r3
-
Cisco IOS Switch RTR STIG v2 r1
-
Cisco IOS Router NDM STIG v2 r2
-
Cisco IOS Router RTR STIG v2 r1
-
Cisco IOS XE Switch L2S STIG v2 r2
-
Cisco IOS XE Switch NDM STIG v2 r2
-
Cisco IOS XE Switch RTR STIG v2 r1
-
Cisco IOS XE Router NDM STIG v2 r3
-
Cisco IOS XE Router RTR STIG v2 r3
-
Cisco NX-OS Switch L2S STIG v1 r1
-
Cisco NX-OS Switch NDM STIG v2 r3
-
Network Perimeter Router L3 Switch STIG v8 r32 for Cisco IOS & IOS XE (sunset)
-
Cisco IOS XE NDM STIG v1 r5 (sunset)
-
Cisco IOS XE RTR STIG v1 r3 (sunset)
-
Network L2 Switch STIG v8 r27 for Cisco IOS & IOS-XE (sunset)
-
Network L2 Switch STIG v8 r27 for Cisco Nexus & MDS (sunset)
-
Network Infrastructure Router L3 Switch STIG v8 r29 for Cisco IOS & IOS-XE (sunset)
-
Firewall STIG v8 r25 for Cisco ASA (sunset)
* Audit names are based on DISA’s naming, version, and release conventions.
** Our STIG policies support 499 rules performing 937 individual audit checks for auditing and enforcing non-sunsetted STIG requirements. The number of times the audits checks are executed depends on the number of devices, interfaces, routing protocol instances, and other factors unique to each environment.
