Cybersecurity Maturity Model Certification compliance
CMMC is the DoD framework requiring defense contractors to implement cybersecurity standards and practices to protect controlled unclassified information (CUI).
Coming soon
CMMC mapping is on the Furix roadmap. The framework reference and Furix's planned coverage are documented below — automated assessment ships once the SCF crosswalk seed is validated by our compliance team. Add yourself to the waitlist to get notified when it goes live.
KEY REQUIREMENTS
What CMMC requires
Core requirements and controls mandated by Cybersecurity Maturity Model Certification.
- Level 1: Basic cyber hygiene (17 practices)
- Level 2: Advanced cyber hygiene aligned to NIST SP 800-171
- Level 3: Expert practices aligned to NIST SP 800-172
- Protection of controlled unclassified information (CUI)
- Incident reporting to DoD within 72 hours
PLANNED COVERAGE
CMMC coverage on the Furix roadmap
Once CMMC ships, Furix will deliver the following capabilities. Today this framework is documented for reference and prioritised on our roadmap.
- Automated assessment against all CMMC levels and practice areas
- CUI data flow mapping and exposure monitoring
- Pre-assessment readiness scoring and gap analysis
- Continuous POA&M tracking and remediation management
Be first when CMMC ships
Join the waitlist to get notified the moment CMMC mapping is live, plus early-access onboarding.