Armis, the leading asset visibility and security company, today announced that it has achieved U.S. DoD Defense Information Systems Agency (DISA) authorization to operate (ATO) at Impact Level 4 (IL4). This authorization signifies that Armis has met the DoD's strict requirements for the government's sensitive Controlled Unclassified Information (CUI). DoD customers can now take advantage of Armis's secure, agentless, Unified Asset Management for IT, OT and IoT devices.
The IL4 ATO is part of continued public sector momentum for Armis, following the achievement of a FedRAMP Moderate Authority to Operate (ATO) in January of this year. These dual votes of confidence mean that any civilian and DoD agency can now take advantage of the most comprehensive AVM platform available.
"There is no more important group of organizations that needs complete situational awareness of their network environment than those who defend our nation," said Brian Gumbel, President of Armis. "Our platform discovers, aggregates and correlates all asset information into a single source of truth and identifies vulnerabilities to mitigate risks. Armis will now be able to help DoD meet the challenges of a perimeter-less world and an ever-evolving cyber threat landscape."
Many public sector organizations experience a "visibility gap" where IT and security leaders can't see all the vulnerable assets within their environment. You can't protect what you can't see, and the DoD can no longer depend on conventional perimeter-based or identity-based defenses alone to protect critical systems and government data. Accelerating migration to the cloud, the convergence of IT/OT/IoT and increases in near-peer adversary capabilities have changed how the DoD must approach cybersecurity.
Armis automatically generates a complete inventory of devices in your enterprise environment - on or off the network. The breadth, depth, and accuracy of the Armis asset inventory and device discovery exceeds that of other products available today. Agencies say they see 50% to 70% more connected devices using Armis technology, giving them the situational awareness they need to protect their networks.
Many security frameworks, such as the NIST SP 1800-35A on implementing a Zero Trust Framework, start with inventory. Being aware that assets exist is a prerequisite for cybersecurity but isn't enough. DoD IT leaders need to know whether devices are risky. After discovering and classifying each asset, Armis calculates its risk score. This risk score helps security teams take proactive steps to reduce their attack surface and meet compliance and regulatory frameworks that require agencies to identify and prioritize vulnerabilities. The score is based on multiple risk factors including software vulnerabilities, known attack patterns, connection security, and the observed behavior of each device.
"This new IL4 authorization is testament to Armis's commitment to supporting the U.S. Federal government. We are honored to be a trusted partner in helping agencies adjust to an increasingly dangerous cyber environment," continued Gumbel.
Armis helps to see and secure some of the largest U.S states and government departments in the world protecting federal, state and local entities from cyber criminals, rogue nations and other bad actors. It also secures critical infrastructure at some of the largest airports, ports and healthcare delivery organizations around the world.Companies trust Armis' real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS) and 5G.
About Armis
Armis, the leading asset visibility and security company, provides the industry's first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.