Success Stories

What We Do

Developing the Right, Resilient Solutions

When we work with you, we become intimately familiar with your enterprise. We will come to know exactly what software and hardware it is and why it is in your enterprise. Then, we use a repeatable and controllable lifecycle that finds and corrects defects for both software and processes. Proactive Cyber Threat MitigationTM ensures your enterprise maintains four key characteristics:  1) Traceability; 2) Integrity; 3) Repeatability; and 4) Agility.

We are the experts to the experts. When someone says, “It can’t be done,” our response is “Hmmmm. Let’s see.”

REVOLUTIONIZE AUTOMATED SHARING BETWEEN SECURITY DOMAINS

CHALLENGE.  Develop solutions to revolutionize automated sharing of DoD application mission data for the warfighter for the United States Federal Government. The DoD lacked a way to automatically share mission data originating from their applications between security domains.

SOLUTION.  We met with the government SMEs to listen to their goals, document the requirements, gather the security and data policies, and identify the challenges from both the headquarters’ and warfighter’s perspectives. Using the customer’s data backbone layer, we developed a mission data adapter, which adheres to the Confidentiality, Integrity, and Availability (CIA Triad) policies. The success of the mission data adapter proves data can traverse CDS-connected security domains and would be accredited.

RESULT.  Mission success. We developed a mission data adapter that automatically shares mission data originating from warfighter applications between security domains. Our data adapter can scale vertically, horizontally, and parametrically, deploying the right information, to the right people, at mission speed.

REVOLUTIONIZE AUTOMATED SHARING BETWEEN SECURITY DOMAINS

CHALLENGE.  Develop solutions to revolutionize automated sharing of DoD application mission data for the warfighter for the United States Federal Government. The DoD lacked a way to automatically share mission data originating from their applications between security domains.

SOLUTION.  We met with the government SMEs to listen to their goals, document the requirements, gather the security and data policies, and identify the challenges from both the headquarters’ and warfighter’s perspectives. Using the customer’s data backbone layer, we developed a mission data adapter, which adheres to the Confidentiality, Integrity, and Availability (CIA Triad) policies. The success of the mission data adapter proves data can traverse CDS-connected security domains and would be accredited.

RESULT.  Mission success. We developed a mission data adapter that automatically shares mission data originating from warfighter applications between security domains. Our data adapter can scale vertically, horizontally, and parametrically, deploying the right information, to the right people, at mission speed.

DRAFT HIGH IMPACT CDS POLICY

CHALLENGE.  Develop a standard set of best practices and guidance documents for critical areas of CDS development for the United States Federal Government. Write in a practical manner, such that the CDS community can implement the guidance and then receive its accreditation.

SOLUTION.  We verified mission goals, documented technical requirements, performed extensive research, interviewed and collaborated with subject matter experts (SMEs), wrote reference code, and tested the reference code.

Met with stakeholders representing more than 20 Federal agencies, more than 1,000 CDS implementors, and more than a dozen companies. Ensured guidance adhered to RTB, NIST, and C.I.A Triad. High-level considerations included 1) Identify unique environment risks; 2) Prioritize the risks; 3) How to secure the technology based on risk; and 4) Ensure on-going system and application security integrity.

RESULT.  One Draft Guidance Documents is with the Customer. We are awaiting feedback. The planned release date by the Federal government is Oct/Nov 2022.

DRAFT HIGH IMPACT CDS POLICY

CHALLENGE.  Develop solutions to revolutionize automated sharing of DoD application mission data for the warfighter for the United States Federal Government. The DoD lacked a way to automatically share mission data originating from their applications between security domains.

SOLUTION.  We met with the government SMEs to listen to their goals, document the requirements, gather the security and data policies, and identify the challenges from both the headquarters’ and warfighter’s perspectives. Using the customer’s data backbone layer, we developed a mission data adapter, which adheres to the Confidentiality, Integrity, and Availability (CIA Triad) policies. The success of the mission data adapter proves data can traverse CDS-connected security domains and would be accredited.

RESULT.  Mission success. We developed a mission data adapter that automatically shares mission data originating from warfighter applications between security domains. Our data adapter can scale vertically, horizontally, and parametrically, deploying the right information, to the right people, at mission speed.

REDUCE EFFECTIVENESS OF BAD ACTORS

CHALLENGE.  Research whether software can determine a file’s compliance to a specification and if the file contains malicious attributes for the United States Federal Government.

SOLUTION.  Our team supports the customer’s ongoing mitigation efforts to reduce the effectiveness of bad actors sending malicious content. Initially, the customer expressed a low expectation for success, as this research had not been attempted before as others thought this task to be impossible.

We built our own schemas in Daffodil using Data Format Description Language (DFDL). We parsed everything possible from JPG, PNG, BMP, and GIF files. For example, our JPEG schema has more than 350 compliance factors. We set policies around the malicious deviations and actions.

RESULT.  We pushed the capabilities of the open-source program beyond its stated features. The lead Daffodil software developer said, “it couldn’t be done.” Currently, we have analyzed more than 1M files of various formats, with a verification success rate of 98%. As this project is ongoing, we continue working on PNGs to reach 100% and will then start on the other additional formats.

REDUCE EFFECTIVENESS OF BAD ACTORS

CHALLENGE.  Research whether software can determine a file’s compliance to a specification and if the file contains malicious attributes for the United States Federal Government.

SOLUTION.  Our team supports the customer’s ongoing mitigation efforts to reduce the effectiveness of bad actors sending malicious content. Initially, the customer expressed a low expectation for success, as this research had not been attempted before as others thought this task to be impossible.

We built our own schemas in Daffodil using Data Format Description Language (DFDL). We parsed everything possible from JPG, PNG, BMP, and GIF files. For example, our JPEG schema has more than 350 compliance factors. We set policies around the malicious deviations and actions.

RESULT.  We pushed the capabilities of the open-source program beyond its stated features. The lead Daffodil software developer said, “it couldn’t be done.” Currently, we have analyzed more than 1M files of various formats, with a verification success rate of 98%. As this project is ongoing, we continue working on PNGs to reach 100% and will then start on the other additional formats.

Contact

Become our Newest Happy Customer

Contact us to learn more about our Proactive Cyber Threat MitigationTM approach and how our cyber and engineering services will help make your organization more resilient.