Cyber Engineering

With the proliferation of networks and computers containing sensitive information expanding at an explosive rate, vulnerability is growing in step. At no time in history has vigilance been more important for your computers and the networks they rely on, as well as understanding potential threats. At PROTEUS, we provide 'total awareness' solutions within your vital cyber domain.

KNOW THE NET. KNOW THE THREAT.

Introduction

Leveraging our experience within the U.S. Intelligence Community, PROTEUS works with Fortune 500 companies, the defense industrial base and other commercial enterprises to secure their computer networks from industrial espionage, insider threats and other forms of malicious conduct. Our solutions include reducing exposure to cyber intrusions, responding to and containing cyber intrusions, restoring stolen or damaged data and gathering evidence to help bring the intruders to justice.

Cyber Intrusion Incident Response

PROTEUS works side-by-side with client IT professionals to assess the security of computer networks using security assessments, vulnerability scans and penetration testing. PROTEUS’ approach focuses on all elements of client information security posture, including People, Process and Technology, as summarized below:

  • Assessing & Mitigating Risk. PROTEUS identifies system vulnerabilities and guides clients in establishing an information security posture that mitigates associated risks.
  • Hardening the Network. Client networks are strengthened using a “defense-in-depth” approach, integrating the latest products and technologies.
  • IT Security Policy & Verification. Technical solutions are only part of a successful cyber protection program. Intelligent and effective security policies are critical to the overall security of a cyber protection system – PROTEUS works with clients to customize an effective security policy, as well as outlining additional steps to be taken to ensure protection.
  • Training & Auditing. People are the backbone of information security. PROTEUS recommends cost effective IT security training programs that enhance the effectiveness of client information security policies and procedures.

Cyber Intrusion Footprints

PROTEUS responds quickly to contain the damage of cyber intrusions, identify the intruder’s method of operation, track his movements, determine root cause, remediate system vulnerabilities, restore data and implement appropriate countermeasures in concert with law enforcement authorities. PROTEUS leverages experience in the following areas to ensure a comprehensive response to cyber intrusions:

  • Containing Loss. Rapid response to minimize data loss and financial exposure by securing client networks and containing the damage of a cyber intrusion.
  • Determining Root Cause. Surreptitiously tracking an intruder’s movements to learn his methods of operation and to develop appropriate countermeasures.
  • Analyzing Malware. Analysis of the intruder’s malware to understand how, where and when it will spread and activate.
  • Restoring Data. Restoration of data housed on corrupted devices to minimize the impact on continuing business operations.
  • Reporting the Incident. Support to legal counsel and executive team to ensure compliance with regulatory and contractual incident reporting requirements.

Bringing Intruders to Justice

PROTEUS preserves the integrity of gathered evidence by rigorously applying a strict chain of custody. Our investigators also serve as expert witnesses to present the evidence in court, helping to bring the intruder to justice.

Introduction

Of paramount importance for major corporations and defense agencies alike in today's increasingly computer and technology dependent society is the notion of Cyber Security, or the protection of Information Technology (IT) infrastructure and computer system assets from 'attacks' or illicit 'intrusions' by bad actors. The need for comprehensive and defensive IT protection solutions continues to grow in importance as a means of preserving the security of data assets and protect the nation's critical infrastructure systems such as the power grid, water system and banking systems. This level of vigilance needs to encompass the entire enterprise, from the network level down to individual desktop computing platforms demanding a 'Defense in Depth', or multi-layered, philosophy toward Information Assurance and Network Defense. PROTEUS successfully partners with clients to identify, develop and field advanced capabilities in several core arenas of the Cyber Security domain.

Intrusion Detection Systems (IDS)

PROTEUS works continuously to remain abreast of intrusion and attacker techniques such as buffer overflows, cross-site scripting and client-side and web-based application exploitations while working to develop advanced intrusion detection and prevention capabilities for our clients. PROTEUS’ efforts to truly understand attack vectors employed by bad actors enhances our ability to leverage leading edge technologies and techniques such as network traffic analysis, browser emulation, malicious content discovery and de-obfuscation. Armed with this knowledge, PROTEUS works closely with clients to develop advanced automated intrusion detection capabilities providing for the dynamic interrogation and remediation of obfuscated network attacks significantly reducing the probability of future compromises to known and unknown threats.

Intrusion Prevention Systems (IPS) / Signature Development

PROTEUS works extensively in the area of developing streaming data analysis and real-time complex event processing capabilities that enable the identification of complex network traffic patterns, intrusion scenarios and attack vectors. PROTEUS’ work within this domain aligns with network traffic analysis and Intrusion Detection System (IDS) signature development efforts providing automated, real-time capabilities for the definition and dynamic deployment of detection system signatures in response to evolving and emerging threats within the cyber domain’s changing landscape. Additionally, PROTEUS has worked to develop and integrate solutions enabling active and passive vulnerability assessments to support analysis of system configuration and potential software and hardware based vulnerabilities as a means of providing holistic and continuous protection to our client's critical systems and infrastructure.

Vulnerability and Penetration Testing (VAPT)

PROTEUS actively partners with industry and academia leaders within the Cyber Security realm such as Sourcefire Inc, developers of the Snort ® platform, and universities with accredited Information Security (IS) programs. Through our engagement with these and other industry partners, PROTEUS is able to continuously grow our Cyber Security expertise and advance our corporate competencies through accredited and industry supported and recognized certification programs such as the Certified Ethical Hacker, Licensed Penetration Tester, Global Information Security Certification (GIAC) ® and the International Information Systems Security Certification Consortium, Inc., (ISC)²®. PROTEUS offers clients a pragmatic blend of innovative custom software solutions rooted in the fundamentals of software engineering principles, and coupled with the leading edge industry offerings to significantly improve the protection level of our client’s most critical and sensitive IT assets.

Introduction

PROTEUS is actively partnering with client organizations to identify threats, assess risk, and to design and develop robust offensive and defensive solutions for modern day computing asset challenges such as Computer Network Attack (CNA), Computer Network Defense (CND) and Computer Network Exploitation (CNE).

Computer Network Attack (CNA)

Commonly defined as "actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks" computer network attack (CNA), can have a devastating effect on any cyber system. In today’s computing environment, organizations with valuable computing assets need to have an in-depth understanding of the implications of CNA, from an outward and inward facing prospective. PROTEUS is working with clients to identify and understand the role of CNA and its effect on mission within cyber domains.

Computer Network Defense (CND)

Computer Network Defense or (CND), refers to actions taken through the use of computer networks to protect, monitor, analyze, detect and respond to unauthorized activity within Department of Defense information systems and computer networks. We are helping our clients, in both defense and commercial industry, to create comprehensive CND strategies and processes to identify and prevent the explosion of malicious and intentional computer network operation disruption activities.

Computer Network Exploitation (CNE)

Computer Network Exploitation or (CNE) is one mechanism in which organizations gather data from target or adversary computing assets or networks. Why is it important, and how are today’s organization’s taking advantage of the resulting information superiority? It is said that knowledge is power, and with easy access to cheaper, faster and more secure computing assets, it has become all too easy for our adversaries to have the knowledge to exploit our critical defense IT assets. Our experts are supporting clients with tools and applications to actively summarize, categorize and prioritize adversary strengths and weaknesses and actively avert potentially catastrophic attacks on vital assets.