The Cybersecurity Maturity Model Certification (CMMC) is a certification process under development by the US Department of Defense (DoD). Once finalized by DoD, CMMC will require certain cybersecurity practices for many contractors and subcontractors doing business with the DoD. Rapid7’s solutions can help organizations prepare for and achieve CMMC compliance.
CMMC’s 110+ security practices are organized into 14 domains, with each domain representing a general category of cybersecurity control aligned with the NIST 800-171 standard. Contractors that certify at CMMC Level 1 must fulfill 17 security practices and self-assess annually, and Levels 2-3 require 110+ practices and obtain a third-party assessment at least every three years.
Below, learn more about how Rapid7’s solutions can help fulfill each CMMC domain.