V2.11 OpenRMF Professional User Training
Updated for Version 2.11. Training for our flagship product OpenRMF Professional from a User's perspective. Learn how to log in, create accreditation packages, uploading scans and more. Track actions with our live POAM feature, generate your RMF and FedRAMP compliance and run reports to check vulnerabilities and compliance status. Advanced features such as the Team Subpackages, bulk edit and lock, live, active POAM and many others.
-
Overview of the Risk Management Framework
Learn what the Risk Management Framework is, how it is laid out, the pieces, and understand the basis for it along the lines of cyber compliance.
-
v2.11 Help Menu System - UT
How to use and navigate the OpenRMF Professional user Help Menu system.
-
v2.11 Navigation of OpenRMF Professional - UT
Providing an overview video of navigating the OpenRMF Professional system to show where to find information and what is available within the menus and areas.
-
v2.11 Creating a System Package - UT
See how you setup your system package to track your ATO, IATT, ATC, Type accreditation or your accreditation boundary as a package. This allows you to setup your RMF or FedRAMP level, add tailoring and overlays, setup POC information, and get ready to upload scans and generate your POAM and compl...
-
v2.11 System Package Preferences and Settings - UT
How to set preferences and settings on your system packages such as allowing uncredentialed patch scans, allowing severity over ride and more.
-
v2.11 Tailoring-Controls - UT
After creating your system package this demonstrates how to tailor the required controls.
-
v2.11 Tailoring and Overlays - UT
This is demonstrate how to use the feature to tailor controls in your system package. And how to create, apply, save and load overlays to use in your system package.
-
v2.11 Overview of Roles and Groups - UT
This is general overview of Roles and Groups and how it applies to access to OpenRMF Professional and system packages.
-
v2.11 Notifications - UT
This training video demonstrates how OpenRMF Professional notifications feature works and how you can filter the information.
-
v2.11 Journaling - UT
How to find and use the journaling features in OpenRMF Professional.
-
v2.11 Templates - UT
Showing multiple easy to use the templates feature in OpenRMF Professional. Templates are blank DISA or CIS checklists.
-
v2.11 Checklist Applicability Wizard - UT
Demonstration on how to use the Checklist Applicability Wizard in OpenRMF Professional.
-
Using the DISA SCAP Scanner Tool v5.10
Demonstration on how to scan machines remotely using the DISA SCAP Scanner to get compliance results to include in OpenRMF Professional.
-
v2.11 Uploading SCAP-Scans and Checklists - UT
This video explains how you can upload your checklist CKL files, raw SCAP scan results as well as raw Compliance Scan results to create the needed compliance checklists. Match the scans to templates automatically to fill in the vulnerability information and find where you stand from a compliance ...
-
v2.11 Upgrading Checklist Versions - UT
The is a demonstration of using the upgrading and bulk upgrade checklist feature in OpenRMF Professional
-
Using Nessus Professional Scanner
-
v2.11 Uploading Patch Vulnerability Scans -UT
Demonstration on how to upload patch vulnerability scans into OpenRMF Professional. Showing the information parsed and captured and how to see the results.
-
v2.11 Bulk Edit / Bulk Lock Checklists - UT
See how you can use the bulk features for editing and locking checklists and individual checklist vulnerabilities across your entire ATO package. Save time, have consistent results, and remove false positives with these great features.
-
v2.11 Tagging - UT
This section demonstrates how to using the principle of tagging checklists using OpenRMF Professional
-
v2.11 Device Profile - UT
Demonstration on how to use the Device Profile feature in OpenRMF Professional to have an approved list of ports and protocols. Use that profile to apply against devices in your system Package.
-
v2.11 Missing Checklist Wizard - UT
Demonstration on how to use the missing checklist wizard feature in OpenRMF Professional to find checklists that are necessary to complete your package based on identified software installed.
-
v2.11 Uploading Other Vulnerability Scan Results - UT
This is a demonstration on how to or uploading Software, Container and Log scans results into OpenRMF Professional
-
v2.11 Compliance Statements - UT
See how you can use, save, import, and share compliance statements in your system package to track all controls even when not matched in an automated scan. Download filtered lists to use in other system packages to share statements. And use these when generating your compliance.
-
v2.11 Plan of Actions and Milestones (POAM) - UT
This goes over the Live Plan of Action and Milestone, (POAM), Mitigation Statements and Milestone Events and how each are used to manage your package.
-
v2.11 Mitigation Statements - UT
Demonstration on creating, uploading and using mitigation statements with your POAM (Plan of Action and Milestones) items.
-
v2.11 Generating Compliance - UT
Demonstration on how to generating compliance, saving and tracking compliance using OpenRMF Professional.
-
v2.11 CCRI - Readiness - UT
Demonstration of how you can apply weights to your vulnerabilities and findings to automate Cyber Readiness scoring and documentation delivery.
-
v2.11 Evidence Management -UT
Demonstration on how to upload and retrieve an image and documents to Vulnerability Items in Checklists, POAM Items and Compliance Statements
-
v2.11 Team SubPackages - UT
This shows how to create Team Subpackages, apply assets to those packages to give your teams access to the checklists, patch information related to their function. This will allow your team to provide you with information for your system package without giving them access to the entire package.
-
v2.11 Reports - UT
How to utilize OpenRMF Professional to pull reports on system package information easy and effectively.
-
v2.11 Documentation - UT
How to retrieve documentation from OpenRMF professional so you can report on the status of your system package or packages.