OpenRMF Professional User Training
Training for our flagship product OpenRMF Professional from a User's perspective. Learn how to log in, create accreditation packages, uploading scans and more. Track actions with our live POAM feature, generate your RMF and FedRAMP compliance and run reports to check vulnerabilities and compliance status. Advanced features such as the Team Subpackages, bulk edit and lock, as well as our API usage are also shown.
-
Overview of the Risk Management Framework
Learn what the Risk Management Framework is, how it is laid out, the pieces, and understand the basis for it along the lines of cyber compliance.
-
User Training - OpenRMF Professional Overview
View OpenRMF Professional in a general sense to see the screen layout, menus, areas of concentration, templates, reports, and other functions to become familiar with the look, feel, and navigation.
-
User Training - Create a System (ATO) Package
See how you setup your system package to track your ATO, IATT, ATC, Type accreditation or your accreditation boundary as a package. This allows you to setup your RMF or FedRAMP level, add tailoring and overlays, setup POC information, and get ready to upload scans and generate your POAM and compl...
-
User Training - Roles and Groups
See how roles, groups and permissions affect the screen, menu, and functions of OpenRMF Professional from a security standpoint.
-
User Training - Overlays and Tailoring
This video explains NIST control and subcontrols as it pertains to overlays, tailoring and your ATO package. This affects reporting and compliance for your entire package.
-
User Training - Uploading Checklists, SCAP Scans and Compliance Scans
This video explains how you can upload your checklist CKL files, raw SCAP scan results as well as raw Compliance Scan results to create the needed compliance checklists. Match the scans to templates automatically to fill in the vulnerability information and find where you stand from a compliance ...
-
User Training - Bulk Editing and Bulk Locking
See how you can use the bulk features for editing and locking checklists and individual checklist vulnerabilities across your entire ATO package. Save time, have consistent results, and remove false positives with these great features.
-
User Training - Tagging Checklists
See how you can tag or bulk tag checklists for management, grouping and searching them quickly across your entire system package.
-
User Training - Plan of Action and Milestones (POAM)
See how the live POAM is created, linked to all the data for live updates, and how you can download and export it. Track vulnerabilities in checklist scans, patch scans, software and container scans, as well as compliance statements and inherited or common controls.
-
User Training - Templates
See how OpenRMF Professional uses templates for checklists for your SCAP and Audit Compliance scans. Match templates to scan types. Create and use organizational templates for boilerplate answers. And create checklists from blank templates easily in your system package.
-
V2.9 Using Compliance Statements - User Training
See how you can use, save, import, and share compliance statements in your system package to track all controls even when not matched in an automated scan. Download filtered lists to use in other system packages to share statements. And use these when generating your compliance.
-
User Training - Uploading Patch Scans
See how you can upload or import Nessus patch vulnerability scans and Rapid7 Nexpose full audit scans to track patch vulnerabilities over time. Also automatically load your ports, protocols, and services listing. Fill in your hardware listing. And generate your software listing all from those sam...
-
User Training - Other Vulnerability Scans
See how software, container and log scans scan can be ingested into OpenRMF Professional. Show issues within the software layer of your environment. and track that information into completion.
-
User Training - Team SubPackage
This shows the Team Subpackage feature within OpenRMF professional and how to use the feature providing understanding of creating a package adding checklists, devices and permissions to accounts.
-
User Training - Documentation and Reporting
See how you can use the reporting and documentation features. Save time, have consistent results, and auto generation of reports and documentation with the data in OpenRMF Professional.
-
User Training - Notifications
See how notifications are used with OpenRMF Professional to keep you informed of what is happening in your system packages.
-
A Day in the Life Series - #1 Setting up a System Package
This video shows how system owners, PMs, ISSOs and ISSEs can setup a new system package in OpenRMF Professional to track an ATO, accreditation boundary or type accreditation successfully. Upload and configure initial compliance and mitigation statements. Setup tailoring and overlays. And get the ...
-
A Day in the Life Series - #2 Loading Scan Data
This video shows how you can load CKL files, audit compliance scan results, patch scan results, SCAP results, and fill out the checklists and host data for your system package. We review history, tracking, trends, scores, as well as filtering checklists by their open category vulnerabilities.
-
A Day in the Life Series - #3 Create POAM and Generate Compliance
This video shows how you can create and start your live POAM from all your compliance data, as well as generating your compliance snapshot against all your checklist, compliance statement, and inherited controls informations.
-
A Day in the Life Series #4 - Editing Checklists
This video shows how you can edit checklists, show the changes, track history of checklist updates, as well as see the automation when updating the status in the checklist as it applies to the POAM.
-
A Day in the Life Series #5 - Managers, Directors, "C" Suite Users
This video shows how a corporate level, manager, director, branch head or other management user can have read-only access into your system package to track information. They can run reports, see CCRI, view trends and checklist vulnerabilities as well as see compliance generated and the live POAM.
-
A Day in the Life Series #6 - Assessors and Authorizing Officials
This video is from the viewpoint of showing an assessor or authorizing official (i.e. NAO) all data for the cyber compliance. Open vulnerabilities, patch data, hosts, compliance, POAM entries as well as run reports for the data they need for assessment.
-
A Day in the Life Series #7 - Curating Checklist Templates
This video shows how you can take DISA and other checklist templates, pre-fill out areas and status, lock vulnerabilities, and use as Organizational or System Package checklists for tracking compliance.
-
A Day in the Life Series #8 - Bulk Edit, Lock, and Viewing Updates
This video explains bulk editing vulnerabilities, bulk lock/unlock vulnerabilities, locking checklists, tracking checklist updates, and regenerating compliance over time to track trends and status of your system package.
-
OpenRMF Professional v2.9 Coming Features and Updates
This video goes over the new features and updates coming in v2.9 of our flagship solution, OpenRMF Professional. You will see bulk edit and upgrade checklists, bulk edit POAM, and a brand new system package dashboard for quick access to your most important information. The Team Subpackage area a...