Cyber attacks are increasing in frequency and sophistication. A data compromise can mean disruption to critical operations, loss or disclosure of employees’ personal information, and damage to agency reputation, all of which have major financial implications for systems remediation.
ActioNet is a leading cyber solutions provider dedicated to helping our clients manage cybersecurity risks to systems, people, assets, data, and capabilities. Our ActioNetCyber® capability leverages our staff’s experience with cyber orchestration, critical cyber functions, and related cybersecurity risks to enable organizations to mitigate enterprise risks more effectively.
ActioNet provides an integrated service offering for security management and governance that helps reduce IT costs while improving a client’s overall security posture.
Cyber & CISO Advisory Services
• Program development
• Technology roadmap
• Investment priorities
• Governance development
• Program management
• Metrics and dashboarding
• Decision Support
Security Architecture & Engineering
• Program Enterprise architecture
• Cloud & hybrid cloud security
• System engineering
• Defense in depth
• Zero trust
• System hardening
• Technical evaluation & selection
• Mobile & Operational Technology (OT) integration
Continuous Cyber Operations
• Security Operations Center (SOC) & Watch Floor Ops
• Threat Intelligence / Threat Hunting
• Incident Management
• Insider Threat
• Security Infrastructure Help Desk
• System Operations & Maintenance
• Security Orchestration, Automation and Response (SOAR)
• Vulnerability / Patch Management
• SIEM Content (Splunk Enterprise Security)
Governance, Risk, & Compliance
• ISSO support
• Penetration testing
• Risk Management Framework (RMF)
• Security control assessments
• Continuous monitoring
• Continuous ATO
• POA&M remediation
• Requirements definition
• Agile secure code dev
• Automated testing
• Code analysis
• Rapid release
Optimizing Open-Source Tools to Create a Scalable Platform for Rapid Delivery of Mission-Critical Data
ActioNet designed a Big Data platform (BDP) solution that combines the features and capabilities of several big data applications and utilities within a single solution, which enables the organization to develop, deploy, operate, and manage a big data environment.
We met this integration challenge by finding the fine line between emerging and stable technologies, integrating 40+ analytics tools, dashboards, and visualizations, such as a SOC Cyber Awareness Dashboard that displays a snapshot of top threats and provides vulnerability scores as well as actions that will alter risk scores. The environment is secured through encrypted data transport capabilities using AWS Direct Connect and AWS Snowball for mass data ingest.
We transformed data fusion workflows to dramatically enhance analytics and position our customer to collect a wide array of cyber metadata, enabling Continuous Diagnostics and Mitigation.
- Scalable: The BDP is operationally deployed on a 4 PB infrastructure, is scalable to meet any customer demands, and has sustained ingestion rates of 4.5 Gbps
- Rapid: BDP provides over 1,200 direct participants from government, centers, labs, FFRDCs, and UARCs, including US Cyber Command (USCYBERCOM), DISA, NSA, and Joint Forces, with automated deployment in the AWS GovCloud in hours, cutting previous times by months
- Granular: Control through Attribute-Based Access Controls (ABAC) for cell-level data security
- End to End: Data lifecycle support from data ingestion with Storm; storage and common schema through Hadoop; analysis and queries through R; and dashboards and visualizations through Shiny and Kibana to support Cyber Awareness Dashboards.