We have extensive full life-cycle security, risk management, and ongoing security operations support experience. Our certified security professionals verify compliance with established security procedures and standards, identify and document vulnerabilities and non-compliances, provide incident response and support forensics, and proactively manage risk in compliance with Agency/Department regulations, Executive Orders, Public Law, NIST and OMB circulars and guidance, and other standards.
In support of the NIST Risk Management Framework (RMF), we assemble and maintain security authorization (SA) / certification and accreditation (C&A) packages, PIAs, and SORNs; develop and mature STIG-based security architectures and solutions using sound security systems engineering practices (defense in depth); perform security control / configuration testing (red/blue/CCRI), vulnerability and penetration testing, and privacy, contingency, and continuity assessments ; and assist you in attaining your near-term and long-term protection goals.
