The DoD warfighting and defense mission capability is at constant risk of impairment or exploitation due to vulnerability in the system supply chain and its critical functions. Vulnerabilities within a system may be sabotaged or subverted by foreign intelligence, terrorists, or other hostile parties. Due to these risks it is essential that robust system engineering, supply chain risk management, security, cybersecurity, software, assurance and information systems security engineering disciplines are utilized to determine and manage risk to system integrity. This Phase I effort is to provide a solution to satisfy Risk Management Framework (RMF) goals mandated by defense cybersecurity operations (DCO) through creating an automated framework (STIGAssist) to assess, remediate, analyze and report cybersecurity vulnerabilities, as based on DISA STIGs, therefore retaining the agility of our mission critical systems. Maintaining agility to keep pace with the nature of new and existing threats along with system expansions is critical in this contested cyber environment as warfighter mission goals and objectives develop and evolve. This Phase I will provide a feasibility study to determine the potential of developing an application for the purpose of cybersecurity risk management analysis, assessment and mitigation tool with the ability to ingest DISA-based security standards.Cybersecurity vulnerabilities,STIG automation,RMF control management,Information Technology,Information Assurance,protect DoD information network,software development,system administration
