OREM, Utah, Feb. 24, 2026 -- SecurityMetrics, a leading innovator in compliance and cybersecurity, has officially announced their security framework platform for
CMMC is a standardized set of cybersecurity requirements designed to ensure that controlled government information (like designs or contract details) stays protected from hackers and foreign threats.
With SecurityMetrics' new CMMC solutions, defense contractors of all levels can get innovative tools designed specifically for their unique compliance needs, including:
- A new Self-Assessment Portal with live 24/7/365 CMMC support for Level 1 contractors.
- Readiness services by certified CMMC experts are available for Level 2 Contractors.
- And an innovative CMMC compliance flow-down management portal to connect large contractors with their subcontractors for compliance validation and monitoring.
With over 20 years of compliance experience and as a certified CMMC Registered Provider Organization (RPO), SecurityMetrics is an industry-leader in the compliance space, trusted by over 450,000 business locations worldwide. Their 24/7/365 support team is backed by CMMC experts and compliance assessors.
“We’re excited to launch this suite, because we understand how essential CMMC compliance is to securing contracts with the Department of Defense. We are committed to making the process as seamless as possible, and we’re prepared to guide contractors of all sizes,” said Brad Caldwell, CEO of SecurityMetrics.
As new CMMC requirements take effect, contractors that aren’t able to fulfill compliance requirements could experience the following:
- Loss of Eligibility: Contractors without the required certification will be ineligible for DoD contracts, subcontracts, or renewals.
- False Claims Act Risks: Falsely certifying compliance in the Supplier Performance Risk System (SPRS) can lead to severe civil penalties under the False Claims Act.
- Contract Termination: Failure to maintain certification during the contract life can result in breach of contract.
The SecurityMetrics CMMC release this month is the first rollout of CMMC tools in the suite. There will be a series of new features and solutions to come, including one of the most comprehensive defense contractor networks for CMMC compliance, providing real-time contractor compliance status and reporting.
Find out more about SecurityMetrics CMMC offerings here:
About SecurityMetrics
SecurityMetrics secures peace of mind for organizations that handle sensitive data. From local shops to some of the world’s largest brands, SecurityMetrics helps businesses achieve data security with penetration testing, vulnerability scanning, gap analysis, security consulting, managed services and compliance mandates (PCI, CMMC, HIPAA, GDPR, HITRUST).
SecurityMetrics is a CMMC Certified Registered Provider Organization (RPO), PCI certified Approved Scanning Vendor (ASV), Qualified Security Assessor (QSA), Certified Forensic Investigator (PFI), and Managed Security provider with over 25 years of data security experience. They have tested over 100 million systems for data security and compliance. They are privately held and headquartered in Orem, Utah, where they maintain a Security Operations Center (SOC) and 24/7 multilingual technical support.
For press inquiries, email
Social (LinkedIn, X, FB, Instagram, YouTube): @SecurityMetrics