Cyber Security

Information Assurance

Traversing through the myriad of security guidelines and directives can be bewildering—let us assist. SecuriGence has developed security policies, procedures, and guidelines based on many different forms of guidance, such as NIST 800 Series, DoD Instructions, Risk Management Framework (RMF), DoD directives such as TASKORDs and PLANORDs, and the ICD Series. We have utilized these guidelines, while integrating agency-specific guidance and requirements to produce effective solutions. SecuriGence also has experience managing agency programs such as Information Assurance Vulnerability Management (IAVM), Vulnerability Management System (VMS), and 8570 Workforce Improvement Program (WIP).

Computer Network Defense

The malicious actor attempting to exploit your information systems only has to be right once. While today’s IT capabilities have fundamentally transformed the way we operate, they have also increased our attack profile exponentially. SecuriGence has leveraged leading edge technology, such as next-generation firewalls (NGFW), big data SIEM solutions, and sandboxed virtual execution of code, to develop holistic, best-of-breed security stacks for our customers. Our staff are computer network defense experts, tackling the latest risks to information systems, such as advanced persistent threats (APTs), zero-day exploits, and insider threat.

Security Engineering

An unpatched Windows system will survive approximately 5 minutes on the open Internet according to the Internet Storm Center (ISC). The truth is, fundamental system hardening, implementation of an anti-malware suite, and other security best-practices can substantially decrease the attack surface. Our security engineering staff utilize NIST, DISA STIGs, and CIS benchmarks, among others, coupled with organization-specific guidance, and industry best-practices to harden systems. SecuriGence has implemented and maintained enterprise deployments of industry leading anti-malware suites, to include the DoD’s execution of McAfee ePolicyOrchestrator, known as HBSS. Vulnerability scanning is a key component of assessing weaknesses in network components, endpoints, and software. SecuriGence engineers have experience with numerous vulnerability scanners, to include Retina, Acunetix, and Nessus—along with the DoD implementation of Nessus, called Assured Compliance Assessment Solution (ACAS). Our staff are certified in various Microsoft, Red Hat Linux, Cisco and other products, and are authorities at securing them against malicious actors.

Certification and Accreditation (C&A)|Assessment and Authorization (A&A)

What value is an information system without an authority to operate (ATO)? All dressed up and nowhere to go. C&A/A&A, while essential to gaining approval to operate an information system, is more importantly critical to the process of risk management within an organization’s overarching security program. The selection and specification of security controls, and subsequent implementation and testing, is crucial to ensuring that an information system has security baked-in from inception and throughout its system lifecycle. SecuriGence has extensive experience with many accreditation vehicles, to include:

  • Defense Information Assurance Certification and Accreditation Process (DIACAP)
  • DoD 8510.01 Risk Management Framework (RMF) for DoD IT
  • NIST 800-37
  • Director of Central Intelligence Directive (DCID) 6/3
  • Joint SAP Implementation Guide (JSIG)
  • DoD Joint Security Implementation Guide
  • We have guided organizations through all phases of C&A/A&A, to include control selection, auditing, artifact generation, and plan of actions and milestones (POA&M) management, with 100% success in attaining ATO/ATC.

Zero Trust

We design and implement new security approaches for our customers that evolve with the ever-changing cyber landscape. These initiatives enhance security, scalability, and operational resilience across our customers enterprise architecture.

We successfully designed, developed, implemented, and deployed federally accredited Zero Trust Architecture (ZTA) endpoint solutions.

Cross Domain Solution

A solution that enables enterprises of different domains of control and levels of classification a means to access and share information seamlessly and securely. We are one of the few proven businesses with an established MLS solution. A key advantage of our Cross Domain Solution is that it is vendor agnostic, offering flexible solutions to the customer. Our platform supports multiple operating systems, tailoring specific software needs within a Special Access Program (SAP) enterprise, including Windows, Linux, and any other OS. We have been revolutionizing MLS and CDS by improving customer experience and ease of use through latest technologies, while maintaining a vendor-neutral approach and ensuring the ability to leverage existing investments.

Enterprise Engineering, Architecture and Integration

System Design and Development

Without a detailed and well executed design, you end up with the Leaning Tower of Pisa. We apply our broad experience to build and maintain enterprise information systems using proven methodologies and processes to afford maximum availability and reliability. SecuriGence gathers customers’ technical requirements with acute attention to detail and traceability, resulting in tailored solutions to support the organization’s mission.

System Integration

Can you imagine if an airplane’s engine management computer could not communicate with the flight control system? Talk about a flight delay. Without integration, you just have a collection of disparate pieces. SecuriGence engineers have successfully led integration projects of all sizes, using our expert knowledge in competencies such as networking, system engineering/administration, and software development, to bring individual components together as a cohesive, holistic system.

Server Virtualization and Cloud Hosting

Who doesn’t love the 1957 Chevrolet Bel Air—but would you use one today as your daily driver? Considering it gets about 14 miles per gallon and seat belts were optional, modern cars are clearly safer and more efficient. Server virtualization yields numerous benefits, both in efficiency and decreased system administration overhead. Virtualization allows an organization to utilize its assets more efficiently by minimizing server idle time and elastically provisioning resources. Additionally, an organization will realize a decrease in physical footprint and electrical consumption. Virtualization provides server administrators with improved scalability, faster deployments, and reduced downtime, through technology such as point-in-time snapshots for rapid disaster recovery. SecuriGence engineers have vast experience with many on-premise virtualization platforms, such as VMware, Microsoft Hyper-V, and OpenStack. We also support cloud-hosted virtualization, such as Amazon Web Services (AWS) and are a registered AWS partner. SecuriGence led the first successful migration of an enterprise application to AWS GovCloud, which is accredited for federal government use.

Modernization

We are experienced in building, maintaining, and modernizing enterprise information systems using proven methodologies and processes to afford maximum availability and reliability.

We introduced innovative technologies and capabilities including self-healing systems and AIOps to advance data modernization efforts.

We’re proud to have played a key role in the FCC’s Cloud Modernization journey, successfully re-platforming legacy Sybase databases to Microsoft SQL Server – with minor code changes to existing legacy applications. This seamless migration preserved full application integration and functionality, showcasing our ability to modernize critical systems while minimizing disruptions.

Cloud Migration

We are experienced with leading cloud migration strategies and execution across platforms, data, and infrastructure. We’ve successfully migrated servers from legacy systems to cloud-native environments. Our work contributed to the successful modernization of the FCC Broadband Data Platform and Enterprise Data Platform. By leveraging automation and phased rollouts, we ensured secure, efficient migrations while reducing operational downtime and infrastructure costs.

IT Operations Support

Systems Administration

Care and feeding—necessary for anything to survive, including your IT systems. Many of our senior staff, including leadership, are former systems administrators, so this is near and dear to our hearts. SecuriGence system administrators hold many of the most sought-after certifications in the industry, including Red Hat Certified Engineer (RHCE), Microsoft Certified Solutions Expert (MCSE) and NetApp Certified Implementation Engineer (NCIE). Our administrators have maintained a broad range of systems, from enterprise email solutions to database management systems, and rely their blend of technical knowledge and working experience to ensure systems are supported effectively and efficiently.

Network Engineering

How useful is a home without any plumbing? Information systems, like homes, require pipes to keep data flowing. With the volumes of data in use today and our dependence on IT systems through the use of converged services such as VTC, VDI, and VoIP, very little functions without a properly designed, implemented, and maintained network infrastructure. Our network engineers implement smart processes and procedures, like vendor agnostic management tools, intelligent automation, and unified policy management. SecuriGence engineers have experience with both traditional physical technologies and also virtual networking, such as VMware vSwitching and AWS Virtual Private Cloud (VPC).

Network Operation Center (NOC)

The heart of any IT operation is the network operations center (NOC). NOC staff are the faithful sentries keeping a watch on network operations by monitoring systems for anomalies and ensuring that backups are completed successfully. Our NOC staff have experience utilizing tools such as Puppet, System Center Operations Manager (SCOM), NetBackup, and SnapManager to ensure availability and disaster recovery.

Software Development

Mobile App Development

Could you live without your mobile apps? From weather to social media, apps provide invaluable services to everyday life. SecuriGence developers have coded custom mobile applications and frameworks from the ground up and also leveraged open-source and commercial technologies. Our apps have provided situational awareness enhancement for users, systems and users collaboration, remote sensing, and decision making support.

Geospatial Web Systems

How often do you use your GPS to get somewhere, even if you are familiar with the area? SecuriGence developers have produced web based solutions for operational planning, real-time collaboration and geo data visualization. We have performed integration with existing systems to exchange data in order to enhance user experience. Our developers have created custom synchronization capacities between mobile devices and web apps to exchange information.

System Automation

Why type the same commands over and over…and over to accomplish the same task? SecuriGence coders have developed system automation for existing complex processes. We have developed automation for existing manual/semi manual processes to increase system effectiveness, reduce time used, and introduce error mitigation strategies.

Data Analysis, Integration, and Reporting

Big data—it’s awesome, right? Once you have the data, you need to extract value from it. SecuriGence coders have created data analysis tools to support decision making, create data forecasts and improve existing knowledge for data. We have developed integration between existing data sources to ingest complex data sets.

Remote Sensing Using Wearables

From smart watches to fitness bands, wearable tech is becoming the next big thing. SecuriGence developers have coded custom applications for wearable technologies to turn users into sensors for their operating environment. Our applications are seamless to the users with minimal user interaction as the goal.

Project Management

Herding cats—this is a fairly accurate description of what it sometimes feels like, keeping us IT professionals focused on a project with defined scope and resources. Understanding IT project management, to include process of planning, organizing, and delineating responsibility for the completion of organizations’ specific IT goals, is one of SecuriGence’s strong capabilities.

We follow Project Management Institute (PMI) best practices, to include processes that are guided through the five stages: initiation, planning, executing, controlling, and closing. SecuriGence has skilled project professionals that are certified Project Management Professionals (PMP). We utilize modern management methodologies such as SCRUM for agile software development that involves teams in producing software products in 30-day sprints and monthly SCRUM sessions.

SecuriGence has a vast portfolio of projects managed and completed within the DOD and federal agencies. These include:

  • DARPA BRAC of IT Infrastructure: SecuriGence personnel managed the relocation and build out of all DARPA Unclassified IT infrastructure. This included network, server, storage infrastructure, clients, and deployment of a new unified communications system (VOIP). The implementation and connection of an entire new environment that was live and running in parallel at the new location while transferring data transparently. The client relocation was logistically sound and moved over a weekend period, with no escalation of user issues, or ticket volume.
  • VTC Bridge and Unified Communication Deployments: Gathered requirements, scheduled, tracked tasks, and costs for the installation of SIPRNet VOIPs and VTC Bridges within the DOD community.
  • Network Deployments: Gathered requirements, developed technical implementation plans, statements of work, and cost proposals to provide level of estimates to the customer. During the implementation of these networks, SecuriGence Project Managers tracked progress, and costs, while submitting weekly status reports to the customers.

Data Governance and Management

Enterprise Data Platform

We are developing an EDP with features such as Multi-data tenant, Cross-domain data feeds, Unified Data Lake, Real-time Processing, Multi-cloud and Hybrid Cloud Support, Advanced Data Governance, Self-service BI Tools, and Developer-friendly APIs.

We are experienced data ingestions using a combination of traditional Extract, Transform, Load (ETL) for traditional data sets and Extract, Load and Transform (ELT) for raw data and real-time streaming and rapid data ingestion.

Enterprise Architecture

We are experienced with developing, modeling, implementing, and publishing approved architectures. We are experienced with DoD Architecture Framework (DoDAF) as an Enterprise Architecture (EA) Framework to ensure complex systems and processes are effectively integrated and managed.