Forwardable artifacts.

Five public artifacts you can download right now, save, attach to email, drop into a SharePoint, or forward to your SSP author, your CDM lead, your SIEM engineer, or your 889 program manager. None require a sales conversation; none enroll your email anywhere. Each carries a short note on what it's for and who to send it to.

NIST SP 800-53 Rev. 5 control inheritance matrix

cybriq-nist-800-53-r5-control-map.csv · 16 controls · 4 KB → Forward to your SSP author, system owner, or authorizing official's team

A control-by-control walkthrough showing what CybrIQ supplies and what the agency owns. Covers CM-8 family, CA-7, SI-4, SR-3, SR-11, IA-3, AC-19, MP-7, PM-5, PM-30. Each row carries the control name, what CybrIQ contributes, what stays with the agency, and integration notes. Spreadsheet-format so your evaluation team can drop it into an existing SSP-section template.

Download CSV

Section 889(a)(1)(B) detection methodology brief

cybriq-section-889-detection-brief.txt · one page · 4 KB → Forward to your 889 program manager, IG liaison, or supply-chain risk lead

A one-page technical brief on how Layer-1 fingerprint identification catches relabeled covered hardware that asset-register and procurement-record based detection cannot. Covers the five signal classes the fingerprint reads, the reference-library matching approach, and the deployment posture an evaluator will ask about. Plain text so it forwards cleanly through any email system.

Download brief

CDM HWAM gap self-assessment

cybriq-cdm-hwam-gap-self-assessment.md · 15-minute exercise · 3 KB → Use yourself or forward to your CDM HWAM lead

A 15-minute self-assessment that walks the six device categories IG audits keep finding HWAM gaps in: OT and lab, building systems, conference rooms and AV, printers and MFPs, contractor and tenant-agency equipment, and Section 889 specifically. Yes / no / "don't know" answers with quick scoring at the end. Useful before any vendor briefing in this category — including ours — so the conversation lands on real gaps, not theoreticals.

Download checklist

Sample syslog event payloads

cybriq-sample-syslog-events.txt · five sample events · 4 KB → Forward to your SIEM engineer, SOC lead, or integration architect

What an agency's SIEM actually receives from CybrIQ. RFC 5424 format, structured-data element, real field names, sample values. Five event types covered: routine identification, covered-entity match (Section 889), authorization-list deviation, device removal, USB-protection event from the optional endpoint agent. Integration notes at the bottom for Splunk Cloud for Government and Microsoft Sentinel for Government.

Download samples

Sample audit-trail export (CSV)

cybriq-sample-audit-trail.csv · 15 sample rows · 3 KB → Forward to your SSP author, C3PAO walkthrough lead, or assessor

The shape of an audit-trail export an agency would attach to an SSP, eMASS upload, or POA&M reference. Per-event row format with the fields a federal assessor expects: event ID, timestamp, switch/port/VLAN, MAC, identified vendor, model class, confidence, authorization state, covered-mandate tag, and the NIST 800-53 / CSF controls each event is evidence for. Includes covered-entity (NDAA 889), authorization-list deviation, and USB-protection event examples. Signed at the control plane with a SHA-256 hash; bottom of the file shows the signature line.

Download CSV