Automated Compliance: Plan, Assess & Mitigate 

at Machine Speed

Embedded within Ronathan is a semantic model for deep continuous learning that understands the security controls you need to stay in compliance.

HIPAA Compliance

FEDRamp Compliance

CMMC Compliance

CSF Compliance

Ronathan: Risk & Control Analysis Automation

Organizations can and should make informed IT Security compliance decisions every time, all the time. ESR provides organizations with the ability to automate their compliance and security control analysis. With our continuously learning AI-powered compliance engine, organizations can immediately understand their compliance posture and the steps needed to mitigate gaps.


Strengthen your security posture with standardized automated compliance analysis, reporting, and mitigation.


What is HIPAA Compliance?

HIPAA COMPLIANCE

All companies that handle protected health information (PHI) must enact physical, network, and process security measures to ensure HIPAA Compliance. Implementing a data protection strategy ensures the security and control of ePHI. Failure to abide by HIPAA laws will induce financial penalties.


To support compliance Ronathan provides actionable steps for all disciplines involved in the health IT lifecycle from inception to system retirement; consequently helping build in compliance and security instead of bolting it on after the fact.

WHAT WE DO

Compliance and Knowledge Base

Ronathan brings a deep continuously learning semantic understanding of required HIPAA controls.

  • Limited, authorized facility access
  • Policies regarding the use and access of workstations and electronic media
  • Restrictions for transferring, removing, disposing, and re-using electronic media and ePHI
  • Enforcing unique user IDS, emergency access procedures, automatic log-off, and encryption/decryption
  • Audit reports or tracking logs that record any activity on hardware and software


Compliance Requirements

Ronathan’s out of the box knowledge base allows organizations to have a both a big picture and granular view of HIPAA integrated compliance & risk:

  • Risk
  • Atomic level control compliance
  • Mitigation strategies
  • Assessments


Security Knowledge Base

What is CMMC Compliance?

CMMC COMPLIANCE

The Cybersecurity Maturity Model Certification (CMMC) encompasses multiple maturity levels that range from “Basic Cybersecurity Hygiene” to “Advanced”. CMMC combines various cybersecurity control standards such as NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others into one unified standard for cybersecurity. In addition to cybersecurity control standards, the CMMC will also measure the maturity of a company’s institutionalization of cybersecurity practices and processes.

Embedded within Ronathan is a deep continuously learning semantic model that understands the security controls within the 17 domains that makeup CMMC compliance.

 

Ronathan can provide immediate quantifying of CMMC, providing answers to:

  • How far away from compliance we?
  • What do we still need to do?
  • What do we need to do to reach the next level of maturity?
  • Actionable mitigation procedures for Administrators & Developers
  • An Integrated risk compliance view
  • Security compliance planning support
  • Assessment support for Security Testers


CMMC Security Knowledge Base

Ronathan’s out of the box knowledge base allows organizations to have a both a big picture and granular view of CMMC integrated compliance & risk by identifying:

  • Risk
  • Atomic level control compliance
  • Mitigation strategies
  • Assessments


What is FEDRamp Compliance?

FEDRamp COMPLIANCE

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. It is mandatory for Federal Agency cloud deployments and service models at all impact levels.

Compliance and Knowledge Base 

WHAT WE DO

FedRAMP requirements include additional controls above the standard NIST baseline controls in NIST SP 800-53 Revision 4. These additional controls address the unique elements of cloud computing to ensure all federal data is secure in cloud environments.


Embedded within Ronathan is a semantic continuiously learning model that understands the security controls required for the Low, Mod, and HighFedRamp baseline.

Ronathan can provide immediate answers for FedRamp Compliance by asking:  

  • How far away from compliance we?
  • What do we still need to do?
  • What do we need to do to reach the next level of maturity?
  • Actionable mitigation procedures for Administrators & Developers
  • An Integrated risk compliance view
  • Security compliance planning support
  • Assessment support for Security Testers

What is CSF Compliance?

CYBERSECURITY FRAMEWORK (CSF) COMPLIANCE

The Cybersecurity Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders.


Embedded within Ronathan is continuously learning deep semantic model that understands the security controls families that make up the 5 core functions of the Cybersecurity Framework.


CSF Security Knowledge Base

Ronathan can immediately quantify CSF, providing answers to:

  • How far away from compliance we?
  • What do we still need to do?
  • What do we need to do to reach the next level of maturity?
  • Actionable mitigation procedures for Administrators & Developers
  • An Integrated risk compliance view
  • Security compliance planning support
  • Assessment support for Security Testers

Subscription Options

Ready to Get Started?

Copyright © 2020 ESR, Inc. All rights reserved.


RONATHAN by ESR, Inc.

410.442.5501

ronathan@esr-inc.com