Crunchy Data has unveiledÂ an open source project with the goal to help agencies automate compliance with theÂ Defense Department‘s security standards dubbed Security Technical Implementation Guide.
The company said Tuesday it developed theÂ PostgreSQL STIG Automation project to support theÂ National Geospatial-Intelligence Agency‘s efforts to accelerate the authority-to-operate certification process for cloud platforms.
The Defense Information Systems Agency released a STIG for Crunchy Data’s PostgreSQL open source database in March toÂ provide guidance on how to deploy the database in government networks in compliance with DoD security requirements.
“Crunchy Data’s mission is to enable enterprises to adopt open source PostgreSQL as a means to reduce [information technology] infrastructure costs and avoid unwanted vendor lock-in,” saidÂ Paul Laurence, chief operating officer of Crunchy Data.
The open source project worked to complete compliance testing, review and approval within 72 hours, Crunchy Data noted.
Upon NGA’s request,Â Crunchy Data partnered withÂ MitreÂ to design and develop an automated security compliance profile to test the new PostgreSQL STIG.
Both companies fielded tools and processes and carried out automated deployment and validation tests in an effort to meet NGA’s security compliance automation needs.