Vulnerability Based Cybersecurity Assessments in the Field
By Annie Richardson
CUSTOMER CHALLENGE
With recent automated discovery, it has become prohibitively challenging to manually curate rules for detecting cyber manipulations. It is imperative to detect cyber-attacks that attempt to evade detection by firewalls and network intrusion detection systems. These evasion attacks largely involve subtle manipulations of packets that cause different behaviors at a Deep Packet Inspection (DPI) system and at end hosts, cloaking malicious network traffic that is otherwise detectable.
The AIMD Data Management team was accustomed to using several older toolsets and processes that did not meet the cybersecurity standards necessary to be migrated to the MADE Cloud of the client, Army Futures Command (AFC). The developers of the Data Management team had to meet with the independent AFC MADE Cloud development team to undergo transition training on available toolsets. A plan needed to be developed and approved by the proponents that mitigated cost and schedule risks to the transition to the cloud, which was the number one priority for the customer, while continuing development on downstream customer features.
THE JANUS APPROACH
The JANUS Research Group brings advanced cybersecurity capabilities that include an expert staff (DoD 8570 IAT Levels II and IAM II certified) and fully compliant, innovative processes and tools that effectively address Cybersecurity requirements.
JANUS AIMD information security/assurance personnel execute all tasks necessary to maintain Risk Management Framework (RMF) accreditation on all ArCADIE application servers. Activities include developing and reviewing compliance documentation such as Configuration Management Plans, Network Infrastructure Plans, Business Continuity and Disaster Recovery Plans and all supporting policies in support of RMF assessment and authorization (A&A) activities. Our staff selects security controls IAW DoDI 8500, DoDI 8510 and NIST SP 800-53; identifies mitigating controls for risk and proposes additional mitigation strategies for identified vulnerabilities; designs and implements data network security measures; operates Network Intrusion Detection and Forensics; and conducts performance analysis of IS security incidents.
Cybersecurity is a core competency of JANUS with an established cybersecurity center of excellence, JANUS Cyber Defense Group (JCDG), to serve as a collaborative group of credentialed technical professionals focused on addressing cybersecurity challenges. Our Cybersecurity IPT Chair leads the JCDG and has company-wide access to the tools and talent to rapidly and effectively address complex Cybersecurity challenges. Through state-of-the-art machine learning techniques, JANUS incorporates vulnerability-based assessments to detect stealthy cyber-attacks that attempt to evade detection by firewalls and network intrusion detection systems.
JANUS provides Cybersecurity and Accreditation Services for several Divisions of the US Army, including Battle Labs located at Ft Eustis, VA, Ft Lee, VA, Ft Rucker, AL, Ft Leonard Wood, MO, Ft Gordon, GA, and Ft Huachuca, AZ. We also chair the JANUS Cyber Defense Group, a group of Cybersecurity professionals across the Industry, Government, and Military.
CUSTOMER BENEFITS AND FEEDBACK
As a result, an extensive layer of cybersecurity was built out in order to protect sensitive information and consumer data. Once the system had attained an appropriate security posture, Test and Deployment environments were set up in the MADE Cloud to accept artifacts from the Development environment. Setting up this DevSecOps pipeline allows the development teams to stay nimble and meet changing requirements as necessary.