Safeguards for defense contractors
The Cybersecurity Maturity Model Certification (CMMC) is a certification process under development by the US Department of Defense (DoD). Once finalized by DoD, CMMC will require certain cybersecurity practices for many contractors and subcontractors doing business with the DoD. Rapid7’s solutions can help organizations prepare for and achieve CMMC compliance.
CMMC’s 110+ security practices are organized into 14 domains, with each domain representing a general category of cybersecurity control aligned with the NIST 800-171 standard. Contractors that certify at CMMC Level 1 must fulfill 17 security practices and self-assess annually, and Levels 2-3 require 110+ practices and obtain a third-party assessment at least every three years.
Below, learn more about how Rapid7’s solutions can help fulfill each CMMC domain.
CMMC’s 110+ security practices are organized into 14 domains, with each domain representing a general category of cybersecurity control aligned with the NIST 800-171 standard. Contractors that certify at CMMC Level 1 must fulfill 17 security practices and self-assess annually, and Levels 2-3 require 110+ practices and obtain a third-party assessment at least every three years.
Below, learn more about how Rapid7’s solutions can help fulfill each CMMC domain.
CMMC Security Rule
Access Control
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Awareness and Training
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Audit and Accountability
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Configuration Management
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Incident Response
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Maintenance
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Media Protection
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Personnel Security
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Physical Protection
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Risk Assessment
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Security Assessment
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Systems and Communications Protection
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Systems and Information Integrity
InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services
Rapid7 CMMC Brief
If you seek DoD or DHS contracts, you may be required to demonstrate sound cybersecurity practices and processes through CMMC. Rapid7 can explain what’s required, and our solutions can help your company achieve and maintain compliance.