Solutions for Federal Government Standards
WebLayers understands the challenges faced by government IT departments and the need to continually meet prioritization, automation, compliance, and monitoring obligations. For many departments, this means figuring out how to align core process and technology elements with policies, standards, and guidelines developed by a variety of government agencies.
WebLayers’ automated governance solution provides a foundation to better implement and manage a strategy for assuring the security and development of software and software-based applications. It provides architects and other IT managers with visibility into policies and auditability of compliance with best practices. By catching coding violations early in the software development life cycle, WebLayers reduces review times, shortens development lifecycles, and mitigates the risk of software glitches.
The WebLayers Federal Government solution:
- Ensures validation by checking DISA security STIG requirements against Security Content Automation Protocol (SCAP) specifications for every policy definition.
- Codifies the application security STIG, allowing for automatic enforcement during the software development life cycle process.
- Using a policy library based on CWE (Common Weakness Enumeration) standards, ensures that development teams avoid software weaknesses that lead to risk weaknesses in source code and operational systems throughout the software development life cycle.
- Features a lightweight agent integrated into conformance and policy compliance checks, project/artifact/developer views, validations, policy exceptions, audit processes and key service development applications (IDE’s, Source Control Systems, Build Systems, Registries/Repositories, WMQ, ITCAM).
- Allows users to isolate functionality within architectures and manage the impact of architectural change.