Today’s threat landscape is fast-moving and ever-changing, so DIBNet organizations and DoD agencies that successfully adapt, begin with security and compliance by design.
Our team helps you architect and engineer your systems or enclave security to be as secure, compliant, and reliable as possible.
Our cybersecurity and compliance solutions are designed to help you run your cyber program more efficiently, protect mission-critical assets, and maximize your ROI. From aligning your cybersecurity and compliance strategy, through ongoing monitoring and continuous improvement, our subject matter experts empower you to optimize your cyber posture.
System and Network build-outs
When building a network or system to DCSA or DoD RMF specifications or to meet the upcoming CMMC requirements, SecureStrux always starts with the end in mind, baking security into the process from the start. We can securely build and maintain the SIPRNet, NIPRNet, or RMF systems and enclaves that your organization requires. We can engineer your entire corporate network for CMMC compliance.
To help your organization identify, address, and mitigate potential vulnerabilities, we provide vulnerability scans and assessments. The scans will give you peace of mind knowing your operations are protected. We offer a host of different reviews and assessments including ACAS, Tenable, HBSS, and Vulnerability Assessments.
ACAS, Tenable, HBSS, etc
Increase visibility into critical security issues by implementing the Tenable/Nessus Suite to automate network discovery and use associated products to deliver comprehensive network and application vulnerability scanning and configuration assessment.
Endpoint Security contains products designed to meet known intrusion points, discover gaps, and reduce the likelihood of unauthorized device and network access. Leading point products including Host Intrusion Prevention System, Asset Publishing Service, Asset Configuration Compliance Module, Device Control Module/Data Loss Prevention, Policy Auditor, Rogue System Detection, Endpoint Security (ENS), Threat Intelligence Exchange TIE/Data Exchange Layer (DXL), and McAfee Application Control (MAC).
Increase visibility into critical security issues by implementing the Tenable Suite to automate network discovery and use associated products to deliver comprehensive network and application vulnerability scanning and configuration assessment.
Understand your vulnerabilities and learn how to eliminate them with a penetration test.
- Have you been wondering what exactly would happen if your organization was targeted by a determined attacker doing their best to break into your network?
- Isn’t it time you found out for certain where the vulnerabilities in your organization lie so you can then create a plan to effectively deal with them?
SecureStrux penetration testing professional services have conveniently packaged a sequence of periodic (and scheduled) pen tests into an annual automated penetration testing subscription.
Take the next step on your Network or System
Bring in the experts to help you solve the pressing engineering and architectural challenges for the network, system or enclave you are building out.
System & Application
System & Application Hardening & STIGing
The United States Defense Information Systems Agency (DISA) has a library of security guidelines for the Department of Defense (DoD) Information Systems. These guidelines are called Security Technical Implementation Guides (STIGs), they identify configuration settings and procedures that organizations should apply to improve the security of their networks and systems.
Our seasoned SecureStrux Team is ready to serve you. We have over 20 years of experience securing and hardening enclaves, networks, and systems for the DoD and other organizations that need to meet DISA requirements.
Network Port Security Solution
Network Port Security Solution Services
Determining how to control access to an organization’s internal network is a challenge faced by many network administrators, yet being able to control your network and having visibility of what is connected to your environment is critical to your cyber hygiene.
SecureStrux has engineered and implemented a variety of 802.1x Port Security solutions to meet the robust requirements for both DoD and commercial clients. We have proven success in working with a variety of vendors and have affordable solutions that are easy to manage and in most cases can be implemented with existing hardware and systems.
NIPRNet and SIPRNet
SecureStrux implements the required DoD Public Key Infrastructure (PKI) environment, sets up their required systems, and handles the third-party applications required for authentication. We work closely with DISA and the Cyber Exchange to get all the required application certificates, Common Access Card (CACs), and tokens. Whether you need PKI for an application, a web service, on-premise, or in the cloud, SecureStrux can help your organization configure your applications, systems, and network appliances to meet DoD compliance.
Cyber-Automation, Insider Threat & Data Transfer Auditor
PowerStrux Auditor leverages Microsoft’s built-in programming language to access, parse, and report on events of interest. The use of this script will mitigate the effort for the staff members that are responsible while assisting in the auditing with ease and efficiency.
The PowerStrux standalone auditor produces a report containing the following:
- User logon and logoff dates and times
- Data transfers and print jobs
- Failed logon attempts
- Account management events
- User status and inactivity
- Administrator, Backup Operator, Auditors, and Power User group membership
- Event Log actions, to include clearing the Event Log
- Windows Defender signature update and scan dates and times
- Privileged use events
- System service status
- System port information
Our DataStrux data transfer auditor tool monitors users in real-time when they copy data from machines to removable media (flash and CD-ROM drives).
Our Certifications Include
- CISSP-Information Systems Security Management Professional (CISSP)
- Qualified Navy Validator (QNV)
- Certified Authorization Professional (CAP)
- Certified Ethical Hacker (CEH)
- ISACA Certified Information Security Manager (CISM)
- Cisco Certified Network Professional (CCNP)
- CCRI Team Lead
- Traditional/Physical Security
- Global Information Assurance Certification (GIAC)
- Project Management Professional (PMP)