A SNAPSHOT OF SOME OF OUR
Computer Network Defense (CND) Tools Sustainment and Data Integration
The CND Tools Sustainment and Data Integration contract is focused on utilizing current and future CND Tools to enhance the agency’s ability to provide Security Information Event Management (SIEM) capabilities, Cyber Situational Awareness Analytic Cloud (CSAAC) Analytics & Content, Audit Management, and Insider Threat detection and prevention. In this context, Foxhole Technology provides contract management support describing the technical approach, organizational resources, and management controls to meet the cost, performance, and schedule requirements; provides day-to-day management, maintenance, and documentation support of various CND Tools; provides application-level support and sustainment for the current CND Tools that are deployed, including evolving these solutions to meet the dynamic Cyber Defense landscape; and provides data integration and technical engineering support to include the process of analyzing, transporting, storing, and importing these new data sets into current and future CND Tools and the management and refining of the agency’s processes that require engineering expertise to architect and implement data integration solutions.
Secure Configuration Management (SCM) Development and Sustainment
The SCM portfolio provides for the integration and optimization of enterprise Information Assurance (IA) applications; tools and data standards to support automated processes used in support of cyber blue force tracking; risk management; and near-real-time awareness of devices and software inventory. SCM enables Information System Monitoring as part of the agency’s continuous monitoring strategy, supporting the initial data sets of assets, system configurations, and vulnerabilities. The program leverages inherent SCM capabilities used within combatant commands, services, and agencies to provide pervasive enterprise capabilities and interfaced automated capabilities, based on common data standards such as the Security Content Automation Protocol (SCAP), to enhance the ability of system users to identify assets; check system configuration compliance against policies and standards; search for potential vulnerabilities; act on known vulnerabilities for known risk posture for systems/networks; report status; and share information on a need-to-know basis. The SCM portfolio is comprised of seven tool sets. Foxhole Technology supports all seven programs within the SCM portfolio from cradle to grave.
Cyber Security Support Services
Foxhole Technology is responsible for providing 24/7/365 continuous monitoring and response capabilities. This includes maintaining a 3-Tier Security Operations Center (SOC) that includes access to cyber threat intelligence. Our team provides intelligence products based on information feeds and our understanding of the agency’s information technology enterprise environment. We provide penetration testing and scanning of the agency’s network/critical business systems and support the agency’s vulnerability management program. We provide incident response and reporting for US-CERT reportable incidents. Our team provides project and program management as well as a cyber security engineering team that deploys, tunes, and maintains a full spectrum of information assurance tools such as Splunk, ArcSight, RedSeal, etc. Our team also provides digital forensics support as a managed service. We created the first-ever Insider Threat Plan for the agency. The Foxhole Technology team is preparing the contract for a Capability Maturity Model Integration (CMMI) Level 3 Services assessment. This is a managed service contract with service level agreements.
Cyber Risk Management Support
The agency has defined cyber protection, detection, and response as a priority. A Security Risk Executive has been established to advance this priority in an integrated fashion with a singular authority and vision. In order to advance this strategic vision, Foxhole Technology was brought on to provide support in strategic planning and organizational alignment, and to develop Tactics, Techniques, and Procedures (TTPs) to assist with securing the agency from cyber threats. Foxhole Technology provides strategic management consulting, subject matter expertise, and analytical support to facilitate the end state organizational and functional capabilities. Products derived from this effort include the collection of data and the creation of actionable artifacts necessary to develop, transform, and mature the organization’s cybersecurity capabilities. Foxhole Technology provides the Risk Executive with contractor resources to assist in the development and implementation of strategic initiatives and goals to implement the cyber security strategic vision.
Information Assurance for the Chief Information Security Officer
Foxhole Technology provided information assurance technical support to the Chief Information Security Officer and the Information Assurance Division. Our support included incident management, E-Discovery, governance, and risk management. It also included policy and procedure support, security training, security engineering, and development of the enterprise security architecture. We were required to work with and provide information security related oversight on multiple managed services providers. Foxhole Technology enhanced the agency’s information assurance strategic plan. We also developed and facilitated the agency’s first cyber security exercise, which assumed a key mission-critical system was compromised. Our team provided forensics capabilities and investigations on all IT devices in the enterprise.