Stern Security has released a free version of our enterprise Velocity product! With the free version, companies can evaluate their security with CMMC Level 1 and other baseline frameworks including CISv8 Implementation Group 1 and 405(d) HICP (Small Orgs). CISA.gov has recognized Stern Security’s Velocity product as a method that companies can use to evaluate their baseline security for free! To learn more about CMMC, please review our article on the updated CMMC framework.
With respect to CMMC, companies can use the free version of Velocity to perform a CMMC Level 1 self-assessment, get their NIST SP 800-171 DoD Assessment Score (out of 110 points), and create a System Security Plan (SSP). Velocity will track the estimated dates of completion for any deficiencies which will contribute to the SSP.
Why is this free?
It all starts with our vision. Stern Security’s vision is to “Secure the Planet”. We understand that many smaller companies cannot afford an enterprise security product. Velocity is THE platform for performing a free CMMC Level 1 guided self-evaluation. No company should have to struggle to afford being compliant. Velocity is a way to quickly achieve your compliance goals and get back to work.
What do you get in the paid version?
A paid subscription will give you access to perform a CMMC Level 2 assessment, reporting capabilities, cyber ROI calculations, third-party risk management, verified assessments, and more.
How to Get Started
If your organization is a defense contractor and needs to adhere to this regulation, you can get started easily. Create an account on our Velocity platform and select the CMMC Level 1 framework on your profile page. On the assessment page, you’ll select the CMMC Level 1 framework to start the evaluation.
Enjoy this free version of our enterprise Velocity platform to easily evaluate CMMC Level 1. You can purchase a subscription to Velocity if you ever need CMMC Level 2, are interested in cyber ROI calculations, reporting, or our third-party risk assessments.



