Splunk is the premier log aggregation tool to support network operational intelligence. It is a versatile tool that can be leveraged to support numerous needs, from a big data SIEM for security operations centers (SOCs) that must find the needle in a haystack to an IT operations monitoring tool that correlates events and resolves issues faster.
SecuriGence has implemented several instances of Splunk, from simple single-box solutions for small environments, to enterprise implementations using clustered indexing and search head pooling. Our staff has the expertise to design, build, and support Splunk implementations that are scalable and performance-tuned to operate efficiently and ensure that log data is not lost. Further, we are knowledgeable on the DoD and US Government requirements for log retention and disaster recovery.
Palo Alto firewalls are the leading next-generation firewalls (NGFWs) capable of full visibility into applications, users, and content traversing networks. Palo Alto employs a single-pass software engine to efficiently inspect traffic at all layers while enabling high throughput and low latency. NGFWs shift the legacy firewall paradigm from focusing on IP addresses and ports to focusing on users and apps. This allows a level of granularity not possible with a traditional firewall.
SecuriGence has architected and implemented Palo Alto firewalls on networks of all sizes, both as virtual and physical appliances. Our engineers have extensive expertise in employing advanced features such as Active Directory integration, SSL decryption, and custom IPS signatures.
The Tenable security suite is an industry-leading network vulnerability scanning solution. The Tenable suite consists of three components: SecurityCenter, Nessus, and Passive Vulnerability Scanner (PVS). SecurityCenter is a vulnerability manager that provides continuous monitoring through malware detection, compliance monitoring, and network behavior analysis. Nessus is the active scanning component of the Tenable suite. Nessus supports broad asset coverage for numerous operating systems, network infrastructure devices, and applications. PVS operates similarly to an IDS but is purpose-built to continuously monitor network traffic for vulnerabilities and risks, such as a host operating a vulnerable version of an app.
SecuriGence has implemented the Tenable suite in various organizations and in a wide range of sizes and complexities—from a simple install of the Nessus scanner for small environments to the full suite with multiple scanners and customized dashboards on larger enterprises. SecuriGence also has broad experience implementing and supporting the DoD-specific configuration of the Tenable suite known as Assured Compliance Assessment Solution (ACAS).
Amazon Web Services (AWS) is a bundled remote computing service that provides cloud computing infrastructure over the Internet with storage, bandwidth, and customized support for application programming interfaces (APIs).
SecuriGence assists customers in moving application services to cloud solutions from public and virtual private clouds. We support the development of key application modernization and new application development on the AWS cloud environment. Customers have found improved efficiency and information control while remaining compliant with security standards as they utilize AWS cloud services integrated with enterprise services and daily business operations.
NetApp offers a full range of enterprise-level storage, making NetApp the perfect fit whether you are looking for capacity, performance, or versatility. NetApp also offers a wide array of backup and recovery software, including Snapshots, SnapMirror, and SnapManager. SecuriGence currently utilizes NetApp products to provide customers with unparalleled reliability by using a number of NetApp SnapManager products, which utilize SnapMirror and Snapshot technologies. The NetApp hardware paired with the NetApp backup and recovery products allows us to meet or exceed our customers' uptime and backup and recovery SLAs.
VMware provides a virtualization and/or cloud environment for software and services. VMware’s desktop software runs on most major operating systems, while its enterprise software servers, VMware ESXi, are bare-metal hypervisors that run directly on server hardware without requiring an additional underlying operating system.
SecuriGence has a highly skilled and specialized team of VMware professionals. We have deployed a variety of VMware environments to our customers, including vSphere, DRS, vMotion, VirtualServer, and VMware Desktop Virtualization. Our team of engineers has converted many of our customers' desktop systems to desktop virtualization in order to significantly lower IT expenses, free up IT technical resources, manage risks effectively, and decrease downtime.
OpenStack is a set of open source software tools for building and managing cloud computing platforms for public and private clouds. Users primarily deploy it as an infrastructure as a service (IaaS) solution. Rackspace Hosting and NASA jointly launched an open-source cloud-software initiative known as OpenStack. OpenStack is currently managed by the OpenStack Foundation, a non-profit which oversees both development and community-building around the project.
SecuriGence deployed a small OpenStack environment for testing and enhancing our customers' virtualized environment and supporting continuous integration software suites. As an added capability, we used Elastic Map Reduce (Sahara) to test performance of imagery processing to enhance distribution of imagery to customers in SQLite format. As part of enhancing customer imagery processing capabilities, we deployed an NVIDIA GRID graphics card to the environment, which supported hardware acceleration on virtual desktops and CUDA cores for computations.
Apache Hadoop is a set of algorithms for distributed storage and distributed processing of very large data sets (Big Data) on computer clusters built from standard hardware. All the modules in Hadoop are designed with a fundamental assumption that hardware may have failures and thus proper failover should be handled in software by the framework.
The core of Apache Hadoop consists of a storage part (Hadoop Distributed File System (HDFS)) and a processing part (MapReduce). Hadoop splits files into large blocks (64 MB by default) and distributes the blocks across nodes in the cluster. To process the data, MapReduce transfers code to nodes that have the required data, which the nodes then process in parallel. This approach takes advantage of data locality to allow the data to be processed faster and more efficiently across distributed processing.
SecuriGence reused existing program servers to deploy a small Hadoop cluster for testing processing of imagery raster and vector data as an experimental enhancement to imagery processing.
Node.js provides an event-driven architecture and a non-blocking I/O API that optimizes an application’s throughput and scalability. These technologies are commonly used for real-time web applications.
SecuriGence was the principal builder of a web portal that utilized Node.js to streamline an agency's mobile app vetting process by aggregating reports from various scanning tools into the portal. Using a plugin framework, it increased our customer's efficiency in auditing mobile apps. This effort also supported a dynamic workflow and real-time updates on the source code review process.