Insights & Articles

Practical writing on DoD compliance, RMF, STIG management, and government software development, from the team that builds this stuff for a living.

RMF & Compliance

POA&M Automation for DoD Programs: What It Is, Why It Matters, and How to Do It Right

A practical guide to automating Plans of Action and Milestones in DoD RMF programs: what manual POA&M management costs you, what automation actually looks like, and what to look for in a compliance tool.

March 5, 2026 Christie Frieg 8 min read


STIG Compliance

Free STIG Tools for DoD Compliance: What They Do, Where They Fall Short

A practical look at STIG Viewer, SCC, and OpenSCAP: what each one actually does, where each one stops, and what you still need to manage RMF compliance across a real program.

March 5, 2026 Christie Frieg 9 min read


RMF & Compliance

The Hidden Cost of Open Source Compliance Tools for DoD Programs

Open source compliance tools are free to download but not free to operate. What DoD programs actually spend when they build their RMF workflow around open source software, and the honest question you should be asking before you go that route.

March 5, 2026 Christie Frieg 10 min read
