Experienced a Breach?
Our emergency incident respose team is available 24/7.

Call Us: 844-HACK-911


If you’re a service provider to the U.S. federal government – whether to civilian agencies or the Department of Defense (DoD) – your information systems must meet requirements as specified in the Federal Acquisition Regulation (FAR) or the Defense Federal Acquisition Regulation Supplement (DFARS). You may also need to comply with the requirements of the International Traffic in Arms Regulations (ITAR) or the Export Administration Regulations (EAR).

– Data from A Higher Education Information Security Council 2016

How we can help you ensure NIST 800-171 Compliance.

NIST 800-171 Risk Assessment

A risk assessment will evaluate the effectiveness of your entire security program. As well as, test your internal and external defenses using real-world attack scenarios.

NIST 800-171 Compliance Gap Assessment

A controls gap assessment is designed to test your organization against each of the NIST 800-171 security controls and prepare your organization for audit.

NIST 800-171 Penetration Test

Designed to fully meet the requirements of PCI DSS, our network and web application penetration testing will validate the effectiveness of your security program by testing it against actual attack scenarios.

Continuous Monitoring

We work with your technical teams to help develop a plan to meet your continuous monitoring requirements, and help you stay on top of your 30-60-90 day patch cycles.

Custom Framework Mapping

NightLion has developed proprietary compliance framework mapping tools to help your organization satisfy multiple audits without wasting redundant business resources.

Managed Security Programs

We will work with you and your organization to develop a technology agnostic managed security program to help satisfy control requirements.

Contact us today for a free consultation

Interested in understanding how our assessments and pricing differs from the competition? Let’s talk.