Cybersecurity Maturity Model Certification (CMMC)

Featured CMMC Solution Providers by Domain

CMMC organizes cybersecurity processes and best practices into 3 maturity levels and 14 capability domains based on requirements in FAR Clause 52.204-21, NIST Special Publication 800-171, and NIST Special Publication 800-172. The 3 Maturity Levels of the CMMC Framework are:

Level 1 Foundational Security: FAR Clause 52.204-21 17 practices for basic safeguarding of FCI
Level 2 Advanced Security: Aligns with NIST 800-171's 110 controls and security requirements
Level 3 Expert Security: Expected to align with NIST 800-172's enhanced security requirements

Explore CMMC capability domains and compliant technologies from our solution providers below.

Search By:

AT - Awareness & Training ✕ (12)
AC - Access Control ✕ (36)
AU - Audit & Accountability ✕ (33)
CA - Security Assessment ✕ (22)
CM - Configuration Management ✕ (26)
IA - Identification & Authentication ✕ (24)
IR - Incident Response ✕ (28)
MA - Maintenance ✕ (15)
MP - Media Protection ✕ (19)
PE - Physical Protection ✕ (7)
PS - Personnel Security ✕ (7)
RA - Risk Assessment ✕ (28)
SC - System & Communications Protection ✕ (33)
SI - System & Information Integrity ✕ (32)

Carahsoft鈥檚 Portfolio of CMMC Products & Services

AT - Awareness & Training

AC - Access Control

AU - Audit & Accountability

CA - Security Assessment

CM - Configuration Management

IA - Identification & Authentication

IR - Incident Response

MA - Maintenance

MP - Media Protection

PE - Physical Protection

PS - Personnel Security

RA - Risk Assessment

SC - System & Communications Protection

SI - System & Information Integrity

CMMC Sales Desk at Carahsoft

Carahsoft is the trusted distributor for the DIB and CMMC. Our Subject Matter Experts can help identify the right solutions for your agency based on unique challenges within your IT environment.

Explore the Carahsoft CMMC Sales Desk to learn how we can help you achieve CMMC compliance and embrace this critical National Security mission.

Military DC.jpg 鈥�

__ _

Governance, Risk and Compliance

___

Governance, Risk and Compliance (GRC) is critical for Defense agencies to fulfill the security requirements established by the CMMC. Explore our vendors that deliver GRC platforms aligned with the CMMC framework. .

Managed Security Service Providers

Managed Security Service Providers (MSSPs) support Federal agencies with network security support that ensures CMMC compliance. Learn more about our MSSP partners that meet CMMC requirements.

Pentagon

鈥�

__ _

CMMC Framework Explained

___

CMMC is the cybersecurity framework used by the DoD to measure a suppliers’ cybersecurity maturity and ensure protection of CUI residing on contractor networks. The CMMC framework includes an assessment requirement that verifies the execution of security practices by maturity level and standardizes implementation across the DIB.

_____ __

Education

Report: CMMC: Securing the Defense Industrial Base

As the Defense Department moves forward on its cybersecurity requirements for contractors, a growing ecosystem of technology providers is helping companies navigate the journey to certification.

Federal Report Supply Chain/CMMC

Learn from leaders at DoD, NIST, NTIA, and CISA on how agencies are reevaluating their security posture. Featuring additional insights from technology leaders at Trustwave, Qmulos, Zscaler, Solarwinds, and MicroFocus Government Solutions.

Managing Cyber Exposure in Law Enforcement

Michael Rothschild, Senior Director of Marketing for Tenable, shares advice for protecting data and resources as the cybercrime landscape expands and evolves.

Community Trends Blog

- Cybersecurity
Supply Chain: Securing Our Vulnerabilities

November 30th, 2022

Supply chain attacks can be devastating, but organizations are working to secure their supply chain and data, and creating a backup plan to avoid disaster.
- Tagged CMMC, Cybersecurity, supply chain
Alex Whitworth
Cybersecurity Solutions Vertical Executive, Carahsoft
- Cybersecurity, Department of Defense
Understanding the Philosophy and Complementary Nature of DFARS and CMMC 2.0

November 10th, 2022

Discover how DFARS interacts with CMMC 2.0 to protect controlled unclassified information (CUI) and impacts your organization's cybersecurity methodology.
- Tagged CMMC, Cybersecurity, Department of Defense, DFARS, NIST
Alex Whitworth
CMMC Program Executive, Carahsoft
- Cybersecurity, Department of Defense
The Cybersecurity Maturity Model Certification: Version 2.0

January 11th, 2022

CMMC, a unified standard that will measure and certify cybersecurity requirements in organizations working with the DoD, continues to evolve.
- Tagged CMMC, Cybersecurity, Department of Defense
Alex Whitworth
CMMC Program Executive, Carahsoft
- CMMC, Customer Experience & Engagement, FedRAMP
Improving the User Experience by Integrating Security

January 29th, 2021

Okta's Chris Niggel talks the importance of choosing the right security solutions, keeping users engaged and where agencies will focus their efforts in the future.
- Tagged CMMC, Customer Experience and Engagement, digital experience, Digital Government Services, FedRAMP, okta
Christopher Niggel
Regional Chief Security Officer for the Americas, Okta
- Law Enforcement Technology, State and Local Government
Best of What’s New In Law Enforcement

January 8th, 2021

Read the latest insights on Law Enforcement from Government Cloud thought leaders and additional research from GovTech on the Carahsoft Community Blog.
- Tagged AWS, Chainalysis, CMMC, COVID-19, Department of State, GovTech, Innovation in Government, Law Enforcement Technology, Public Safety, Tenable
The Carahsoft Team
- Cybersecurity
Raising Agencies’ Cyber Intelligence

October 16th, 2020

Read the latest insights from cyber intelligence thought leaders and additional government perspectives on the Carahsoft Community Blog.
- Tagged BlackBerry, CMMC, Cybersecurity, Department of Defense, DLA, FireEye, GovLoop, Innovation in Government, MNIT, Recorded Future, Trend Micro
The Carahsoft Team
- Cybersecurity
Best of What’s New in Cybersecurity

October 8th, 2020

Read the latest insights from Government Cybersecurity thought leaders and additional research from GovTech on the Carahsoft Community Blog.
- Tagged CMMC, COVID-19, Cybersecurity, F5, FireEye, GovTech, Innovation in Government, McAfee, Palo Alto Networks, RSA, Secureworks
The Carahsoft Team
- Cybersecurity
Current Cybersecurity Trends: The Next Wave of Cybersecurity

August 28th, 2020

Read the latest insights from these Government Cloud Security thought leaders and additional industry research from FCW on the Carahsoft Community Blog.
- Tagged BeyondTrust, Centrify, CMMC, COVID-19, Cybersecurity, Exabeam, Expanse, FCW, Forescout Technologies, Fortinet, Gigamon, Infoblox, Innovation in Government, SentinelOne, SolarWinds, Trustwave
The Carahsoft Team
- Artificial Intelligence
Meeting the Requirements of the Supply Chain Imperative

May 13th, 2020

Read the latest insights from Government Supply Chain thought leaders and additional government interviews on Carahsoft's Community Blog.
- Tagged Artificial Intelligence, CMMC, Expanse, Forescout Technologies, GovLoop, Innovation in Government, IronNet, RSA, supply chain
The Carahsoft Team

Upcoming Events

Webcast

CMMC EVENT

Carahsoft's CMMC Webinar Series - CMMC Compliance Boot Camp: Securing the DIB

Hosted By: Carahsoft

December 31, 1969

7:00 PM ET

Webcast

CMMC EVENT

Navigating CMMC Compliance: The Integral Role of Managed Security Service Providers

Hosted By: BlueVoyant, Microsoft & Carahsoft

December 31, 1969

Resources

RESOURCE

Secude HaloCAD

With HaloCAD, you can secure CAD files wherever they travel, ensuring lifelong access control and protection inside and outside your IT perimeter. HaloCAD's automatic data protection safeguards your sensitive files against leaks or theft, helping you demonstrate compliance, avoid penalties, and enhance your competitive edge by meeting stringent data protection standards like NIS2 and CMMC.

RESOURCE

How a US DoD Aerospace Contractor Uses Secude HaloCAD for CMMC Compliance

The Aerospace Contractor needed to comply with CMMC 2.0 standards for handling Controlled Unclassified Information (CUI) and used HaloCAD to protect, track, and control access to their CAD files without disrupting operations. This solution enabled the contractor to streamline and expedite their CMMC 2.0 compliance process, ensuring they met all necessary security requirements.

News

CMMC NEWS

SolCyber and Carahsoft Forge Alliance to Expedite CMMC Compliance for Defense Contractors

May 21, 2024

SolCyber and 男人宫殿., The Trusted Government IT Solutions Provider^庐, proudly announce the launch of their groundbreaking initiative: The CMMC Readiness Program.

CMMC NEWS

January 14, 2024

Gold Comet has recently joined in partnership with Carahsoft and Cyturus Technologies to provide CMMC certification support to customers seeking accreditation. Gold Comet will support this effort with quantum-secure data storage for customer records management.

男人宫殿

Solutions for Public Sector

Events & Resources

Contracts & Ordering

Join Our Partner Ecosystem

CMMC Compliant Products and Services

Featured CMMC Solution Providers by Domain

Search By:

Carahsoft鈥檚 Portfolio of CMMC Products & Services

CMMC Sales Desk at Carahsoft

Governance, Risk and Compliance

Managed Security Service Providers

CMMC Framework Explained

Education

Community Trends Blog

Supply Chain: Securing Our Vulnerabilities

Understanding the Philosophy and Complementary Nature of DFARS and CMMC 2.0

The Cybersecurity Maturity Model Certification: Version 2.0

Improving the User Experience by Integrating Security

Best of What’s New In Law Enforcement

Raising Agencies’ Cyber Intelligence

Best of What’s New in Cybersecurity

Current Cybersecurity Trends: The Next Wave of Cybersecurity

Meeting the Requirements of the Supply Chain Imperative