Search
Get A Demo
Get Started
    Get A Demo
    Get Started
      How Blumira Helps With

      CMMC Compliance

      The Blumira modern security platform helps your organization easily meet and exceed CMMC framework requirements for logging, monitoring, threat detection, and response. We either support or complement a variety of CMMC controls from Levels 1 & 2, covering many domains.

      Try Blumira for 30 days
      CMMC-NB24
      Federal Contractors:

      Are You CMMC Compliant?

      CMMC (Cybersecurity Maturity Model Certification) is a framework to ensure that controlled unclassified information (CUI) is protected by appropriate levels of cybersecurity practices and processes when it’s residing on federal contractors’ networks.

      CMMC applies to any federal contractor, including over 300,000 companies in the supply chain – such as small businesses, commercial item contractors and foreign suppliers.

      The Department of Defense intends to incorporate CMMC into their Defense Federal Acquisition Regulation Supplement (DFARS) and use it as a requirement for contracts, according to the Office of the Under Secretary of Defense for Acquisition & Sustainment CMMC.

      While CMMC encompasses NIST SP 800-171 requirements, it also extends beyond it to include three different levels of compliance, Foundational (Level 1), Advanced (Level 2), and Expert (Level 3).

      NOTE: There are many changes coming for CMMC v2. In short, CMMC v2 is aligning to the NIST 800-171 standards.

      All of the controls below have mappings listed for CMMC v2 and NIST 800-171. The CMMC control numbers now are aligned to 800-171; for example, AC.L1-3.1.1 maps to NIST 800-171 control 3.1.1. Also see how Blumira helps customers meet NIST 800-171.

      How Blumira Helps With Audit & Accountability and Configuration Management Requirements

      • Audit and Accountability: AU.L2-3.3.1 - 3.3.4

        AU.L2-3.3.1 – Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

        AU.L2-3.3.2 – Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions.

        AU.L2-3.3.3 – Review and update logged events.

        AU.L2-3.3.4 – Alert in the event of an audit logging process failure.

        Blumira centralized logging gives you the ability to track user activity, allowing you to trace actions uniquely back to certain users and hold them accountable. The Blumira cloud SIEM retains logs for at least a year for auditing purposes.

        Search and reporting functionality gives you deeper visibility into audit logs for review. The Blumira platform also reports on operational changes or disruptions, including the status of logging sensor and diagnostics for logflow to alert you in the event of an audit logging process failure.

      • Audit and Accountability Level 2: AU.L2-3.3.7 - 3.3.9

        AU.L2-3.3.7 – Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate timestamps for audit records.

        AU.L2-3.3.8 – Protect audit information and audit logging tools from unauthorized access, modification, and deletion.

        AU.L2-3.3.9 – Limit management of audit logging functionality to a subset of privileged users.

        The Blumira cloud SIEM separates logging and audit tools from customers’ production environments to prevent unauthorized access, modification, and deletion. Blumira’s platform limits the management of audit logging functionality to only a subset of privileged users with role-based administration.

      • Audit and Accountability Level 2: AU.L2-3.3.5 & 3.3.6

        AU.L2-3.3.5 – Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.

        AU.L2-3.3.6 – Provide audit record reduction and report generation to support on-demand analysis and reporting.

        Blumira search and reporting functionality provides deeper visibility into audit logs. The Blumira platform correlates audit records to indications of suspicious activity and unauthorized access, then provides data and prioritized alerts to the organization. Blumira’s pre-built reports provide the ability to support on-demand analysis and reporting.

        The Blumira threat detection library allows for the automation of audit log analysis to help identify and act on indicators of threats and suspicious activity. Blumira reporting provides visibility to enable organizations to perform audits on broad activity, in addition to pre-machine activity.

      • Configuration Management Level 2: CM.L2-3.4.1 & 3.4.6

        CM.L2-3.4.1 – Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.

        CM.L2-3.4.6 – Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.

        With Blumira logging capabilities and wide coverage of integrations, organizations can inventory their security systems. Blumira provides role-based administration for its own platform, and monitors other systems for the creation of new privileged accounts, or changes and escalations in existing account privileges to alert organizations to potentially malicious internal activity.

      • Configuration Management Level 2: CM.L2-3.4.2, 3.4.3, 3.4.7

        CM.L2-3.4.2 – Establish and enforce security configuration settings for information technology products employed in organizational systems.

        CM.L2-3.4.3 – Track, review, approve or disapprove, and log changes to organizational systems.

        CM.L2-3.4.7 – Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.

        The Blumira platform monitors and identifies any risky access to an organization’s networks, such as through public Remote Desktop Protocol (RDP) and Server Message Block (SMB) access. Blumira tracks and logs any changes to organizational systems, while monitoring and alerting organizations to the use of insecure ports.

      AU.L2-3.3.1 – Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

      AU.L2-3.3.2 – Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions.

      AU.L2-3.3.3 – Review and update logged events.

      AU.L2-3.3.4 – Alert in the event of an audit logging process failure.

      Blumira centralized logging gives you the ability to track user activity, allowing you to trace actions uniquely back to certain users and hold them accountable. The Blumira cloud SIEM retains logs for at least a year for auditing purposes.

      Search and reporting functionality gives you deeper visibility into audit logs for review. The Blumira platform also reports on operational changes or disruptions, including the status of logging sensor and diagnostics for logflow to alert you in the event of an audit logging process failure.

      AU.L2-3.3.7 – Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate timestamps for audit records.

      AU.L2-3.3.8 – Protect audit information and audit logging tools from unauthorized access, modification, and deletion.

      AU.L2-3.3.9 – Limit management of audit logging functionality to a subset of privileged users.

      The Blumira cloud SIEM separates logging and audit tools from customers’ production environments to prevent unauthorized access, modification, and deletion. Blumira’s platform limits the management of audit logging functionality to only a subset of privileged users with role-based administration.

      AU.L2-3.3.5 – Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.

      AU.L2-3.3.6 – Provide audit record reduction and report generation to support on-demand analysis and reporting.

      Blumira search and reporting functionality provides deeper visibility into audit logs. The Blumira platform correlates audit records to indications of suspicious activity and unauthorized access, then provides data and prioritized alerts to the organization. Blumira’s pre-built reports provide the ability to support on-demand analysis and reporting.

      The Blumira threat detection library allows for the automation of audit log analysis to help identify and act on indicators of threats and suspicious activity. Blumira reporting provides visibility to enable organizations to perform audits on broad activity, in addition to pre-machine activity.

      CM.L2-3.4.1 – Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.

      CM.L2-3.4.6 – Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.

      With Blumira logging capabilities and wide coverage of integrations, organizations can inventory their security systems. Blumira provides role-based administration for its own platform, and monitors other systems for the creation of new privileged accounts, or changes and escalations in existing account privileges to alert organizations to potentially malicious internal activity.

      CM.L2-3.4.2 – Establish and enforce security configuration settings for information technology products employed in organizational systems.

      CM.L2-3.4.3 – Track, review, approve or disapprove, and log changes to organizational systems.

      CM.L2-3.4.7 – Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.

      The Blumira platform monitors and identifies any risky access to an organization’s networks, such as through public Remote Desktop Protocol (RDP) and Server Message Block (SMB) access. Blumira tracks and logs any changes to organizational systems, while monitoring and alerting organizations to the use of insecure ports.

      CMMC Checklist

      Blumira CMMC Level 2 Compliance Checklist

      We've developed a concise checklist to highlight the key assessment objectives where a robust monitoring solution is indispensable, ensuring you're ready to meet CMMC Level 2 requirements and pass your assessment. Download it now and let us help you check off several items from your preparation to-do list..

      Download The Checklist 

       

      CMMC Without the Complexity For Manufacturers

      Manufacturing companies supporting defense missions face a critical challenge: achieve CMMC certification while keeping production lines running and costs under control.

      Learn More
      ✓ Zero production disruption

      during deployment and ongoing monitoring
      ✓ Automated CUI handling

      with real-time threat detection designed for manufacturing environments
      ✓ Ready-to-submit reports

      for CMMC assessments and contract renewals
      ✓ Manufacturing-focused support

      from security experts who understand defense supply chains

      Experience Blumira Today

      Tired of fragmented security tools and alert fatigue? Blumira centralizes your security operations, offering deep insights and actionable intelligence to identify and remediate threats before they cause damage. Discover the power of proactive defense.

      Get Your Trial