In Phase II of this project, Trility helped this client meet the security requirements mandated by a key customer with an automated Policy as Code solution that tests, validates, and provides evidential proof.
To meet Federal regulations and requirements, this client needed to implement security controls and produce evidence in support of the ICD-503 accreditation of the SecOps 2.0 program environment running in the SC2S AWS partition.
Trility built Developer Services applications compliant with the applicable security controls and also provided test plans to validate the control implementation and evidence of test results.
Through learning sessions, demos, and documentation, a seamless handoff was created for the client’s team members.
The client achieved the following outcomes:
Hardening of Developers Services applications through automated mechanisms.
Met all security controls with documented test plans and procedures and generated evidence with a readable and human-friendly report.
A working solution that spanned multiple cloud accounts and inside cloud services.
A reduction in future costs for evidencing compliance to ICD-503 controls.
