• Travis Howerton

Atlasity Announces Support for NIST 800-171 and DFARS Self-Assessment Methodologies



The C2 Labs Atlasity Integrated Compliance Management (ICM) platform (now in Open BETA) continues our push to be at the forefront of modernizing compliance processes for Federal agencies and their contractors. To that end, we are pleased to announce that our Atlasity product now supports NIST 800-171 Revision 2, including full support for the Department of Defense (DoD) Defense Federal Acquisition Regulation Support (DFARS) Assessment Methodology.


The June 2020 document continues the DoD's approach to improving the security of their Confidential Unclassified Information (CUI). It provides multiple levels of assurance and a handy scoring methodology for calculating risk based on the weight of controls.


At C2 Labs, our mission is to simplify compliance and to free organizations from bureaucracy. To that end, we have updated our Atlasity product to provide full support for NIST 800-171 including simple tools to load a digital version of the requirements, wizards for quickly building out Information System Security Plans (ISSPs) based on 800-171, and canned reports for automating self-assessments. The DoD deserves the best security that the US contractor community can provide. Meanwhile, the contractor community should have the best tools that allow them to quickly and cost-effectively meet these requirements. With our Atlasity product, our goal was to enable the best of both worlds by providing simple and cost effective tools that make compliance with NIST 800-171 a breeze.


While we encourage people to check out our compliance tools, we are also strong believers in giving back to the technical community. To that end, we have published a suite of open source artifacts on GitHub that can help organizations on their NIST 800-171 compliance journey. These artifacts include:


- A consolidated spreadsheet with the NIST 800-171 controls, their descriptions, and the control weighting as specified by DFARS

- A JSON representation of this spreadsheet that can be used to process and load the information into customer tools

- Example Python code for parsing the JSON and loading into an external tool via API (in this case Atlasity)


In addition, we have published an Atlasity catalog that can be used to load NIST 800-171 security controls into your Atlasity instance to have you up and running in minutes to create new ISSPs based on NIST 800-171 requirements.


Contact Us today to learn more about C2 Labs can help you meet your NIST 800-171 requirements for protecting CUI. If you are ready to start automating your compliance processes for creating and managing your ISSPs, schedule a free demo today to learn how you can join our Open BETA program to leverage Atlasity to free your organization from bureaucracy by simplifying compliance.

Copyright © 2020 by C2 Labs, Inc.

All Rights Reserved