Our Lab is an integral part of our success

The Foxhole Technology Innovation Lab in Chambersburg, PA supports a myriad of Innovation and Research and Development (R&D) initiatives for our clients – including, but not limited to – the Defense Information Systems Agency (DISA); the Department of Education (ED); and the Federal Aviation Administration (FAA). Our lab, with fully integrated Amazon Web Services (AWS), allows targeted elements of our organizational clients to virtually connect – enabling innovative, thorough development and testing of software and solutions in a mirrored environment – resulting in greatly reduced cost and time to field.

Fully Integrated Cloud Capabilities

We provide the integration and optimization of enterprise Cyber Security applications, tools and data standards to support the automated processes used in cyber blue force tracking, risk management, and near-real-time awareness of devices and software inventory. We leverage the inherent capabilities used within combatant commands, services, and agencies (CC/S/As) to provide pervasive enterprise capabilities and fully automated capabilities based on common data standards (e.g. Security Content Automation Protocol (SCAP)) to enhance the CC/S/As' ability to identify assets, check system configuration compliance against policies and standards, search for potential vulnerabilities, act on known vulnerabilities for known risk posture for system/networks, report status, and share information on a need-to-know basis. Our lab provided the development and testing capabilities for the unique, agile software development – to support entire portfolios – that incorporate fully integrated cloud capabilities.

World Wide SIEM capabilities

We provide data integration, analytic development and technical engineering support for current and future Computer Network Defense (CND) Tools. The scope of our work spans the world and addresses utilization of current and future innovative CND Tools to enhance the ability to provide Security Information & Event Management (SIEM) capabilities, Cyber Situational Awareness Analytic Cloud (CSAAC) Analytics & Content, Audit Management, and Insider Threat detection and prevention. As a further example of innovation, we recognized a gap in the SIEM analytics and developed the Correlated Risk Visualization (CRV) application to bridge the gap and provide cyber risk visualization of assets. Our lab was instrumental in the successful deployment of these innovative approaches – using Amazon Cloud Services – to support R&D, development, testing and evaluation.

Continuous Monitoring and Risk Scoring (CMRS)

We developed an innovative cloud-based system that visualizes the cybersecurity risk of the Department of Defense (DoD) based on published asset inventory and compliance data. The risk state of the DoD Enterprise security controls for software inventory, antivirus configuration, Security Technical Implementation Guide (STIG), and Information Assurance Vulnerability Management (IAVM) vulnerability and patch compliance is measured and reported. Our development supports the risk-management approach to cybersecurity oversight by quantitatively displaying the security posture of an organization through the use of risk dashboards. Using the risk dashboards, users can gather actionable direction, implement prioritized mitigation decisions, and ensure effectiveness of security controls to support their cybersecurity risk management duties. Our lab provided a mirrored environment for our Agile development teams – including a test team that performs sprint testing against specific requirements, regression testing and integration testing – and an implementation team that deployed new code and patches into the production environment.

First of a kind (FOAK)

Enterprise customers today have deployed numerous security controls – including sensors (such as intrusion prevention and detection systems) and Enterprise Security Management systems (such as tooling for identity, access and audit management). While these tools enable enterprises to get a better handle on their security posture, they have also resulted in a multitude of event alert streams, as well as logs and audit records, that contain intelligence that is not fully mined. The inability to consolidate and correlate these events and data – automatically and at line speeds – and present them to the security analyst in a semantically meaningful manner robs security analysts and administrators of a valuable tool to defend enterprise networks. Our FOAK interactively creates and automatically checks intrusion models (Botnet models etc.) in real time. Our FOAK Cyber Security solution provides analytic technologies and entirely new and innovative approaches to protecting large digital and physical infrastructures from hacking, botnets, malware and other forms of cyber attacks.