Overview
This report performs a technical assessment of your AWS environment against key security requirements from NIST Special Publication 800-171. This framework outlines safeguards to protect Controlled Unclassified Information (CUI) in non-federal systems and is required for compliance with U.S. Department of Defense and other federal agency contracts.
This assessment covers the following NIST 800-171 control families:
Access Control (3.1)
- Limit and restrict access to authorized users and functions
- Enforce least privilege, separation of duties, and controlled remote access
- Protect and route CUI through managed access points
Audit and Accountability (3.3)
- Maintain audit logs to detect unauthorized or suspicious activity
- Alert on logging failures and protect audit data
Configuration Management (3.4)
- Define secure baselines and limit nonessential functionality
- Monitor user-installed software
Identification and Authentication (3.5)
- Enforce strong password and identity policies
- Require MFA and protect stored credentials
Incident Response (3.6)
- Establish and track incident response processes internally and externally
Risk Assessment (3.11)
- Continuously scan and remediate vulnerabilities based on risk level
Security Assessment and Monitoring (3.12)
- Maintain up-to-date system security plans and documentation
System and Communications Protection (3.13)
- Control internal/external communications
- Protect CUI in transit and at rest with FIPS-validated cryptography
- Enforce segmentation, deny-by-default policies, and traffic protections
System and Information Integrity (3.14)
- Detect flaws, unauthorized activity, and malicious code
- Respond to alerts and ensure system integrity
The assessment covers many AWS services, including IAM, CloudTrail, S3, KMS, and GuardDuty.
Upon completion, you will receive a detailed report identifying all passed and failed resources, along with actionable remediation steps to help you meet NIST 800-171 compliance requirements.