Tech Watch

See SMS’ CISO talk about the importance of continuous monitoring and cyber threats


Cyberspace Operations

With risks increasing and cyber threats evolving, an agency CISO’s only defense is one that allows multiple departments to collaborate and share what outside threats are trying to breach their networks and applications. Tying it all together in a unified IT Cyberspace Operation or Security Operations Center (SOC) that can not only detect the current threat, but also predict future attacks.

SMS' Cyber Operations Services include:

  • Incident Response, Malware Forensics & Hunting (MF&E)

    SMS provides DoD and the Intelligence Community advanced trained engineers certified in penetration testing, reverse malware engineering, wireless networks security, APT hunting, Forensic analysis and capture, Zero Day vulnerability mitigation, and software assurance practices.  SMS MFE engineers are well known for their expertise in finding, fixing, finishing, exploiting, analysis, and dissemination (F3EAD) capabilities.

  • Offensive Cyber Operations

    SMS works with a select IC and DoD customer base to develop offensive cyber tactics, techniques, and procedures (TTP) to include limited tool development and extreme data exploitation.

  • Cyber Intelligence

    SMS Senior Executives worked in early 2010 with USCYBERCOM and the National Geospatial Intelligence Agency (NGA) to develop the fused and collaborative geospatial cyber intelligence process and solution.  Under this process, overlays of various cyber data are projected on a georeferenced database, which transforms the thousands of 1s and 0s into actionable intelligence.  An example is telephone signals data.  On the surface it is a bunch of lat and long coordinates,  but once “Mapped” the origin, travel history, and contact information is linked together to depict a picture of the users travels and contacts.  This can be added with other information to identify trends, patterns, locations, and habits. 

  • Cyber Targeting

    SMS has several cyber “targeteers” who support various DoD services and the intelligence community developing kinetic and non-kinetic cyber targets to include anti-personnel, IT infrastructure, SCADA platforms, Electronic Warfare targets, cyber disruptive TTPs, and command and control Infrastructure target acquisition.  

  • Defensive Cyber Operations

    SMS offers a 24 x 7 x 365 unified IT Security Operations environment that includes intrusion detection, firewalls, perimeter defense, antivirus, malware, web security, asset management, spam, insider threat, and mission production; ensuring implementation of an overall proactive security environment across an enterprise. The SMS unified IT Security Operations solution provides automation, prioritization, oversight and disclosure of key risks and vulnerabilities; and provides end-to-end integrated enterprise active defense from data center to field mobile and wireless platforms.

    • Enterprise Security Management (ESM)

      SMS’ Cyber security Engineers utilize the latest ESM tools and technologies in your Unified IT Security Operations Center and provide rapid and transparent updates to keep current with ever-evolving threats. At SMS, we are fully trained and able to leverage the latest hardware and applications such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), ePolicy Orchestrator (ePO), Security Information and Event Management (SIEM) tools, etc. necessary to ensure the confidentiality, integrity and availability of your IT systems. With the SMS unified IA capability, we are able to reduce regulatory compliance costs, and increase your IT infrastructure security.

    • Vulnerability Management

      SMS’ Vulnerability Management system creates a proactive continuous automated assessment environment that scans and reports on IAVA/B/T, STIG, and client master image compliance, checks for Communication Tasking Order Compliance, Interfaces with Enterprise Update Servers (EUS) such as WUS and WSUS servers, and implements clients that check compliance on over 300,000 events.  

    • Scripting

      SMS’ Engineers develop custom automated scripts and signatures that respond to Advanced Persistent Threat (APT), Zero Day Vulnerabilities, and new threats as they emerge on a real time basis.  

    • Data Loss Prevention

      SMS Engineers implement encryption at rest and data loss prevention and egress scanning to ensure no sensitive or personal data leaves the network from unauthorized access.

    • Cyber Visualization and Continuous Monitoring

      A well-designed cyber visualization and continuous monitoring program can effectively transform static security into dynamic active defense providing real-time security status to decision-makers, reducing reaction time to minutes and decreasing risk.  SMS’ continuous monitoring solutions provide government agencies of all sizes with a scalable, effective and automated active defense solution. Should an unauthorized attack or penetration occur, a decisive and aggressive automated plan of action will be deployed that not only halts its damage but also prevents it from happening in the future. Our teams are veterans in automating continuous monitoring controls and systems.

    • Secure Supply Chain Management

      The beginning of a solid cyber security program ensures that your system is built from the ground up utilizing trusted and secure supply chain management that tracks your components from factory production to secure installation. SMS has a certified logistics support center and affiliations with over 400 manufacture OEMs that has ensured delivery of authentic certified equipment to include worldwide positive tracking fulfillment.