Performance: Crest Security Assurance (CSA) is a subcontractor to HP Enterprise Services, providing information assurance program support to the FBI’s Security Division, Information System Security Unit, including Vulnerability Assessment and Penetration Testing. The Security Assessment Team (SAT) for the FBI is chartered to assess the security posture of each network and major application against NIST, DCID 6/3, and FISCAM requirements across the various organizations that make up the Bureau. In addition to that core functionality, the team acts as the subject matter experts for vulnerability assessment, malicious user testing, and penetration testing. Through open source and commercial tools, coupled with the techniques and procedures of the seasoned CSA cyber professionals, the FBI was presented with a clear picture of the true risk surface and was able to implement corrective actions to minimize the impact of potential compromise. The primary responsibility of CSA was to provide security testing support for all FBI FISMA reportable systems. This support included utilizing automated tools (e.g., Nessus, App Detective, and Web Inspect) as well as manual techniques to assess the security posture of FBI systems, networks, and applications. CSA also provides red team operation services, simulating cyber adversaries’ techniques, tactics, and procedures to evaluate the prevention, detection, and response capabilities of the FBI. All services were performed in accordance with applicable NIST 800-series, DCID 6/3, DOJ, and FBI requirements. This effort included multiple travel engagements to remote site facilities throughout the DC-metro area, Northern VA, and parts of West Virginia.
Performance: CSA’s security engineer has the responsibility of maintaining and upgrading OPIC’s total security infrastructure, ranging from internal technologies (intrusion detection, SIEM, anti-virus) to external mechanisms (cloud computing and VPNs). Our experts were tasked with redesigning the OPIC security infrastructure to ensure it is resilient against cyber-attacks and current with vendor updates. We evaluated the technologies in place and determined the current gaps in both technology and coverage. We implemented a project plan that provided our customer with a detailed and phased approach to meet business goals while increasing the overall security posture. Our engineers started at the user workstations and worked outward to the corporate Wide Area Network and cloud technologies. We identified and corrected limitations in patch management, IDS monitoring/tuning, anti-virus coverage, log management and alerting, forensic capabilities (both host and network based), firewall rule sets, and cloud security. Our team works closely with system personnel and organization IT governing bodies (e.g., Configuration Control Boards) to ensure that corrective actions regarding security have minimal effect on business/mission operations.
Performance: CSA partnered with Paragon Technologies to provide Penetration Testing and Vulnerability Assessment solutions to the IRS as part of the TIPSS-4 contract. The task consists of evaluating the security posture of various applications and networks prior to implementation into production.
Performance: The CSA team was presented with the opportunity to create a robust Security Test and Evaluation (ST&E) program to support Certification and Accreditation efforts for the US Army. The cyber professionals of CSA, utilizing experience gleaned over years of security consulting, began by bringing automation into processes that were once manual. Compliance testing efforts that once took weeks were reduced to a few minutes. The team implemented testing tools enterprise-wide, facilitating discovery and testing of all networked devices (servers, workstations, and networking devices). The CSA team was instrumental in assisting the organization in the creation of a fully DISA STIG compliant universal baseline for Windows 2008 Server as well as Windows 7, cutting down development-to-production time of systems by 60%. CSA also created the first mobile testing system, consisting of robust laptops packed with security assessment tools for ST&E efforts of stand-alone networks and applications.
CSA provided CND support by planning, implementing, monitoring, and tuning SPO IDS infrastructure. The CSA team was also instrumental in designing and implementing RSA NetWitness (network forensics: Decoders, Concentrators, and Hybrids), as well as Splunk (log correlation and management). We designed and deployed network taps strategically throughout the enterprise, and implemented Splunk sensors on servers and workstations to capture log information. We created complex index queries and designed a Splunk dashboard to provide leadership with near-real-time security posture information.