CYBER

CYBER

As an expert in Cyber Operations, TekSynap helps our clients achieve an always ready state. Focused on adapting to our client’s needs, we provide expert guidance and recommendations so clients can overcome the risks pertinent to their environments.

Our teams begin each mission by performing an in-depth assessment to understand the policies governing each organization as well as the threats to the environment. We work collaboratively with our clients to define the most effective operational framework, ensuring it accounts for risks and mission needs.

TekSynap’s Cyber Professionals are supported by our robust technology proving ground, our TekXlerate Lab, and structured career path plans with educational reimbursement to ensure continuous education is at their fingertips. This ensures that every TekSynap team, from our ESM rated Top 3 Cyber Security Services Provider (CSSP) team to our Authorization and Accreditation teams remain ahead of the knowledge curve within their areas of expertise.

Cybersecurity & Identity

TekSynap’s approach to cybersecurity ensures protection of networks, programs and data to address vital mission concerns. We have developed and employ an always security audit ready policy. We achieve this using a layered approach to cybersecurity engineering.

TekSynap incorporates Federal Information Security Management Act (FISMA), The Federal Information Technology Acquisition Reform Act (FATARA), OMB A-130, OMB A-11, NIST and industry best practices, so that our clients maintain an acceptable level of security compliance to regulation requirements.

Our cybersecurity professionals identify vulnerabilities, conduct in-depth analyses, and develop recommended security strategies based on the likelihood and impact of the vulnerability being exploited.

Cybersecurity & Identity

Cyber Program Objectives

  • Maintain a high level of cybersecurity focus in the face of new and existing threats; and continue developing and applying in-depth knowledge of cybersecurity applications and processes to ensure risk management framework (RMF) compliance and provide full spectrum CSSP support.
  • Ensure high-quality, experienced cybersecurity personnel who have keen insight into client missions and processes in addition to cybersecurity experience and certifications.
  • Migrate cyber tools and data to the cloud to leverage its benefits while engineering the tools and capabilities to ensure continued effectiveness in the cloud.

Cybersecurity Automation – “Bird’s Eye”

TekSynap is automating cybersecurity threat detection by integrating real-time data sources with a cybersecurity agent expert system. We collect, standardize, and evaluate network event, status, and log data with an expert system that applies the MITRE ATT&CK risk framework to identify and prioritize Advanced Persistent Threats in your environment. The result is a near real-time response to APTs and a dramatic acceleration in threat removal.

DTRA ITSS Case Study

DTRA ITSS

What We Do

TekSynap provides DTRA with incident response analysts, computer crime investigators, incident handlers, incident responders, incident response coordinators, incident response analysts and intrusion analysts as well as other cybersecurity personnel as part of our solution to meet the requirements of the ITSS program. Our Cyber Hunt activities include collection of intrusion artifacts, correlating incident data for root cause analysis and vulnerability mitigation, and coordination and support of enterprise-wide Computer Network Defense incident resolution.

Methodology and Processes

To support DTRA’s Cyber Hunt requirements, TekSynap conducts cyber threat horizon analyses. Our approach identifies existing risks and vulnerabilities and uses our mission knowledge and cyber threat data from sources such as USCYBERCOM to help predict and defend against potential vulnerabilities and develop proactive responses. Most vulnerabilities result from a combination of interactions and gaps between people, existing processes, and technology. We analyze and monitor these interactions other advanced persistent threats (APTs) for risk, drawing on our experience in conducting risk assessments and vulnerability management activities. At program onset, we conduct a comprehensive assessment identifying risks and prioritizing them by severity and probability, identifying proposed mitigation strategies and then presenting the post-mitigation picture, which we then place in a continuous feedback loop.

People in Action

TekSynap provides team members for all four of DTRA’s simultaneously running cybersecurity processes, including CSSP Detect, Response, Protect, Sustain, and Incident Response/Cyber Hunt. TekSynap manages a team that provides 24x7x365 support and provides support after hours and on weekends as required. We also provides guidance on incident resolution, including of possible CSSP intrusions and spillages. Our team also ensures effective collaboration with other teams and has proven experience in working with Insider Threat, System Administrators, Infrastructure, Engineering, etc. to accomplish CSSP goals. TekSynap has the proven ability to lead the CSSP so that the agency passes all inspections/ audits, including the Evaluator Scoring Metric (ESM) and Cyber Protect Team (CPT).

Compliance and Standards
TekSynap employs ISO 9001, ISO/IEC 20000, ISO 27001, and PMBOK best practices across all programs we support, including DTRA. These practices are instituted in our corporate quality management systems and program charters. Additionally, our Cyber Hunt activities require compliance with the DoD Directive 8000.01, DoD Instruction 5205.13, DoD Instruction 8500.01, DoD Instruction 8530.01, and DoD Instruction DoDI 8551.01 and other applicable DoD cyber regulation. In addition, TekSynap incorporates NIST Special Publications 800-30, 800-37, 800-39, 800-70, and 800-94 into its regulatory compliance framework. Finally, our Cyber Hunt activities are compliant with the Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B detailing the Cyber Incident Handling Program.

Cybersecurity Experience

Defense Threat Reduction Agency (DTRA)

Defense Threat Reduction Agency (DTRA)

  • Cybersecurity Policy and Planning
  • A&A Support Services
  • Continuous Monitoring
  • Cross-Domain Solutions
  • Supply Chain Risk Management
  • Cybersecurity Service Provider (CSSP) Support Services
  • Promoting Cybersecurity throughout the Agency Workforce
  • Communication Security (COMSEC)
  • IT Operations and System Administration
  • Service Desk
  • Application and Asset Management
  • Cloud Management Support
National Defense University
Joint Forces Staff College

National Defense University (NDU) and Joint Forces Staff Colleges (JFSC)
Comprehensive IT Mission Support Services

  • Supported first successful Command Cyber-Readiness Inspections (CCRI), receiving excellent ratings at both NDU and JFSC
  • Designed short and long term strategies for securing NDU’s wireless 802.11a/b/g/n network
  • Achieved a three-year Authority to Operate (ATO)
  • SIPRNET Campus Design
  • Installed wireless network for NDU and JFSC
  • Provide Tier 2/3 Service Desk support for network and server environment
  • Integrated student Bring Your Own Device (BYOD) network

Subcontractor to General Dynamics

Army Emergency Relief (AER)

Army Emergency Relief

  • Conducting a review of all infrastructure, procedures and documentation
  • Migrating PII data from legacy to a new infrastructure
  • Updating DIACAP documentation to comply with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) to achieve Authority to Operate (ATO)
  • Planning for Data Center Relocation
  • Implementing and Testing COOP capabilities

Subcontractor to General Dynamics

U.S. Patent and Trademark Office (USPTO)

United States Patent and Trademark Office

  • Network Securiy Management
  • Identity Control and Access Management (IAM)
  • Perform OHRNet/OFDNet and TriNet Network design, O&M, and upgrade initiatives
  • Implemented Cisco ISE Network Administration Support (NAC)
  • Lead position in testing and supporting conversion from Cisco switches to Juniper switch platforms
  • Review network architecture to improve/enhance
  • Support daily operations including monitoring VPN performance, alerts, secure file transfers, application performance.
  • Perform device management including Cisco ASA code upgrades, Axway SecureTransport software updates, Sophos and Symantec AV server updates.
Department of Commerce International Trade Administration

Department of Commerce International Trade Administration (ITA)

  • Supported the Security Operations Center (SOC)
  • Maintained servers, desktops, and peripherals
  • Maintained security environment
  • Administered security alerts via Splunk
  • Provided Bit9 Whitelisting
  • Performed ThreatTrack Sandbox Malware Scans
  • Executed Forensic scans
  • Implemented Rapid7 Nexpose Vulnerability Management
  • Provided McAfee Antivirus software support
  • Migrated physical hardware to virtualized AWS Cloud solution

Subcontractor to CACI

Department of Defense Joint Service Provider

Joint Service Provider

DISA Field Service Activity (FSA) responsible for Enterprise Transport Management (ETM) for the Pentagon and National Capital Region (NCR)< Network Architecture / Engineering Network Monitoring and Incident Resolution

  • Manage LAN/MAN/WAN connectivity
  • Upgrade entire network infrastructure in preparation for Command Cyber Readiness Inspection (CCRI)
  • Provide the Chief Architect that serves on the Architecture Review Committee
  • Tier I and II network engineers working within the Operation Center

Subcontractor to General Dynamics

PFPA

The Pentagon Force Protection Agency

Security Integration and Technology Support – Transitioning to new mission systems as new technologies are introduced into the PFPA security infrastructure, as well as operate, maintain, secure and sustain the PFPA mission systems

  • Information Assurance (IA) / Cyber Security Network Engineering
  • Network Engineering
  • System Administration and Infrastructure Support
  • Help Desk Services

Subcontractor to General Dynamics

inNOVAtion Hackathon

Cybersecurity… Investing in Our Future

Cultivating tomorrow’s cybersecurity professionals today

TekSynap understands the critical need to invest in tomorrows cybersecurity professionals TODAY. As a corporate sponsor, Teksynap donated 28 laptops and 20 access points to provide students without their own computer equipment the ability to join the competition.

Approximately 356 students from various colleges, universities and high schools across the country gathered on the Woodbridge Campus of the Northern Virginia Community College to participate in the third annual Innovation Hackathon event, held at the Regional Center for Workforce Education and Training (RCWET) on April 13-15, 2018. Individuals traveled from as far as Florida to attend this year’s largest NOVA-Woodbridge Hackathon event since it began in 2016.

Innovation Hackathon, a 36-hour-long competition offered hands-on experience to students interested in cybersecurity and secure coding methods. Participants came prepared for the weekend with sleeping bags and overnight items, eager to work in teams to “hack” several challenges provided by corporate sponsors. The challenges involved the complexities of data visualization, developing applications, information assurance and secure programming.

Core IT
Learn more
TekSynap is a premier provider of cloud design, implementation, and support delivering a wide array of services across multiple cloud providers. We support our customers in the development and implementation of cloud adoption frameworks, governance, integration, and cost optimization approaches. Our focus is on applying the correct blend of cost-effective technologies to realize business value and meet organizational goals. With proven successes in both Azure and AWS, TekSynap develops cloud-native apps, re-factors legacy apps, and integrates cloud-based and hybrid infrastructure for our customers while maintaining and enhancing their security posture.

CLOUD TECHNOLOGY

Core ITLearn more
The Core Infrastructure underpinning IT networks and systems is a TekSynap foundational area of expertise. We understand that any reliable IT environment is built upon a rock-solid core infrastructure. We employ industry certified experts who have designed, implemented, and managed high-availability network designs around the globe, in mission critical environments such as the Nuclear Regulatory Commission, Defense Logistics Agency, and Defense Threat Reduction Agency.

CORE IT SERVICES

Learn more
As an expert in Cyber Operations, TekSynap helps our clients achieve an always ready state. Focused on adapting to our client’s needs, we provide expert guidance and recommendations so clients can overcome the risks pertinent to their environments.

Our teams begin each mission by performing an in-depth assessment to understand the policies governing each organization as well as the threats to the environment. We work collaboratively with our clients to define the most effective operational framework, ensuring it accounts for risks and mission needs.

CYBER OPERATIONS

Learn more
TekSynap is a DevSecOps industry leader. Our team members are critical contributors to DoD DevSecOps and Cloud Infrastructure as Code Community of Practice groups, to include our contributions in the DoD Reference Design. As leaders in the automation of secure, resilient platforms, our customers achieve 99.999% operational availability while increasing their security posture. Through the Log4J vulnerabilities and barrage of hack attempts, TekSynap’s programs stayed ahead of the required updates and thwarted the hackers. Our web vulnerability inspections resulted in 100% clean system reports.

DEVSECOPS

TekSynap is an equal opportunity employer, that does not discriminate on the basis of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information or any other characteristic protected by law.