top of page

OUR SERVICES

Security Planning and Evaluation

Our experts have helped organizations of all types find the answers they need to optimize their security posture. Working with everyone from C-level executives to front-line engineers, we will address your strategic and operational concerns around cybersecurity.

Offerings:

Project Life Cycle

Many organizations need expert guidance in orchestrating the security they need to stop insider threats and data breaches. We will help you:

  • Define business requirements and de-limit project scope

  • Collect relevant data to be used in policy design and QA testing

  • Understand the steps for optimal implementation, evaluation and tuning of your security solutions

Pre-Implementation Consulting

We work with you and draw from security engineering best practices to design your data security program according to your specific use case and needs. We will:

  • Create an architecture and design diagram of security solutions within your IT environment

  • Tailor a pre-installation checklist and flowchart for your implementation or upgrade

  • Complete expert knowledge transfer for policy and user creation

Post-Implementation Consulting

After your data security program is in place, we work with you to ensure that relevant systems are optimized for the target environment and that your hardware can handle your network traffic volumes. We will help you:

  • Validate that your deployment is aligned with engineering best practices

  • Optimize your monitoring of secure traffic so that you can deploy SSL decryption with confidence — without slowing down your business

  • Configure your Web reporting and SIEM Integration

  • Address common security issues and topics

Testing Standards

NIST 800-37 (RMF) Based Processes

  • Selection and tailoring of NIST 800-53 controls and overlays

  • Tailoring of System Security Plan (SSP) and related documentation

  • Execution of formal test events

Legacy Top Secret and Below Interoperability (TSABI) Process

  • Development of Cross Domain Appendix

  • Support community briefings

  • Delivery, training and support for certification testing

  • Support site test and evaluation, including final reports

Community-Specific Processes

  • Experience with a wide variety of unique processes used in specific scenarios

Technical Security Expertise

We are committed to helping our customer organizations achieve their missions by getting the most out of their security investment.

Offerings:

Data Security Program Design

You know that your organization needs better protecting against insider threats and data theft — but do you know how to achieve that? We will design the right solution based on your company’s specific needs. With this service, we:

  • Document the security measures you currently have in place

  • Recommend optimizations based on our deep experience

  • Identify and prioritize critical data assets for inclusion in your Data Protection program

  • Design program governance measures, including escalation workflows, periodic policy tuning and use-case evaluation

DLP Policy Evaluation

Are your current policies aligned properly with your organizational needs? Our consultants will determine the effectiveness of your deployed DLP policies against your stated business use case to:

  • Assure that DLP product capabilities are being maximized

  • Test and optimize your policies to maximize security by minimizing false positive and false negatives

Technical Optimization

Are your security solutions configured for optimal performance? Employing security engineering best practices, our consultants will:

  • Ensure that relevant systems are properly architected, configured and deployed for the target environment

  • Validate that current hardware meets recommended specifications and is appropriately sized for your data and traffic volumes

Professional Services Offerings

A&A Processes and Facilitation

  • Guidance on best practices for each community and process

Tailored A&A Documents

  • Deployment-specific documentation with reuse from common body of evidence

Assessment Support

  • Test plan/procedure development, dry run and formal execution

Authorization Support

  • Briefings to authorizing officials; generation of Plan Of Action and Milestones (POAMs)

Trusted Agent

  • Certifying Authority Services on behalf of Government customers

bottom of page