Emerging Technology
PR Newswire | January 09, 2024
InfoSec Global Federal, the leader in cryptographic vulnerability management, today announced the company has been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program's Approved Product List (APL). InfoSec Global Federal's AgileSec Analytics product helps U.S. federal agencies defend against the exploitation of cryptographic vulnerabilities. The inclusion of AgileSec Analytics to the APL strengthens national cybersecurity by protecting government agencies' most sensitive secrets and data from sophisticated attacks and breaches.
The Cybersecurity and Infrastructure Security Agency's (CISA) CDM program provides cybersecurity tools, integration services, and dashboards to participating federal agencies to help them improve the security posture of civilian government networks and systems by strengthening real-time risk monitoring and defense.
"The implicit trust of a privileged cryptographic ecosystem has resulted in the infamous SolarWinds hack and other high-profile attacks against federal agencies," said Philip George, Executive Technical Strategist of InfoSec Global Federal. "One aspect as to why these attacks were so successful can be directly attributed to poor visibility and analysis of privileged cryptographic assets, specifically certificates and tokens. Joining the APL underscores the value that InfoSec Global Federal's technology can deliver to reduce risk to critical federal infrastructure, a priority highlighted in OMB Memo 23-02, which requires federal civilian agencies to capture an inventory of all cryptographic assets in order to uncover vulnerabilities and to take immediate steps towards achieving post-quantum safety."
InfoSec Global Federal specializes in providing cryptographic discovery, remediation, and management solutions from the silicon firmware up through endpoint applications. Its secure software enables federal agencies to facilitate cryptographic vulnerability management, assure compliance, enrich software bill of materials with a cryptographic bill of materials (CBOM), and expedite post-quantum readiness in alignment with OMB Memo 23-02.
AgileSec Analytics offers essential tools for U.S. federal agencies aiming to enhance their cybersecurity and cryptographic posture. This solution is particularly crucial for conducting comprehensive cryptographic inventories, a vital process for government entities to deliver the following key advantages:
Enhanced Cryptographic Visibility: AgileSec Analytics empowers agencies with the ability to thoroughly scan their digital environments to identify and catalog all cryptographic assets. This includes keys, certificates, and cryptographic protocols deployed across various systems and networks.
Cryptographic Vulnerability Identification and Management: AgileSec Analytics assists agencies in pinpointing vulnerabilities within the cryptographic landscape. By analyzing the inventory, agencies can identify outdated or weak cryptographic practices, non-compliant assets, and potential areas susceptible to breaches.
Compliance with Federal Regulations: Aligning with mandates like OMB Memo 23-02, AgileSec Analytics aids agencies in ensuring that cryptographic assets adhere to federal cybersecurity standards. This compliance is critical for safeguarding sensitive government data and communications.
Preparation for Quantum Computing: As the threat landscape evolves with the advent of quantum computing, AgileSec Analytics positions agencies to be proactive. It helps in assessing the readiness of current cryptographic standards and facilitates a strategic shift towards quantum-resistant algorithms.
The inclusion of InfoSec Global AgileSec Analytics in the DHS CDM APL empowers federal agencies to conduct thorough cryptographic inventories, an integral part of maintaining a robust cybersecurity defense strategy.
About Infosec Global Federal
InfoSec Global Federal is a cryptographic security company that specializes in providing next-generation cryptographic discovery, agility, and management solutions from the firmware up through endpoint applications. Their secure software enables the management and agility of all cryptographic assets across a digital ecosystem, enabling government agencies to automate and orchestrate cryptography usage, shut down cryptographic vulnerabilities, facilitate compliance, and achieve post-quantum safety.
Read More
Government Business
GlobeNewswire | January 05, 2024
Kratos Defense & Security Solutions, Inc., a technology company in Defense, National Security and Global Markets and Rancher Government Solutions (RGS), the leading provider of enterprise Kubernetes management solutions to the U.S. Government, announced today a strategic partnership to enable customers to seamlessly deploy and scale virtual ground systems using Kratos’ software-based OpenSpace® Platform.
With increasingly complex and dynamic satcom and Earth Observation missions, satellite operators and government agencies are transitioning from fixed and proprietary hardware to flexible and scalable generic compute-based cloud environments. This enables a virtualized and software-defined ground system like Kratos OpenSpace Platform to more cost effectively and securely support multiple missions simultaneously, deliver services faster and streamline operations.
Today, customers leverage a range of computing environments from bare metal, virtual machines to the cloud, making the deployment of software-based ground systems more complex and time consuming. Working together, Kratos and Rancher Government Solutions have enhanced the ability of the OpenSpace Platform, the first commercially available, fully virtualized and software-defined satellite ground system to be deployed more easily across customer environments.
“With Rancher, the OpenSpace Platform deploys its virtual functions including modems, channelizers, combiners, and more, as Kubernetes-based containerized software applications that act as independent and portable computing environments that can run and scale on any infrastructure,” said Brandon Gulla, Chief Technology Officer at RGS. “We are proud to be working with Kratos to support this truly transformational platform that will free satellite operators from proprietary hardware architectures and move to software-defined, flexible and extensible virtual platforms.”
By the nature of it being software-defined and containerized, the OpenSpace Platform is already much faster, and more flexible to deploy than traditional hardware-based satellite ground systems. As customer demands grow, the software-based OpenSpace Platform can reconfigure on the fly and deploy new services automatically and cost effectively in minutes. Software containers can be spun up and down and scaled on demand elastically using a single management interface from the Rancher Platform.
“Rancher serves as the Kubernetes management technology that supports the OpenSpace Platform’s ability to automate the deployment, scaling, and management of our containerized workloads,” said Anthony Semiao, Chief Solutions Architect of the OpenSpace Platform. “The combined technologies support hybrid and multi-cloud environments enabling OpenSpace customers to run in the data center and cloud environment of their choice such as Google, Amazon or Microsoft and to easily switch from one cloud provider to another.”
About Kratos OpenSpace
Kratos’ OpenSpace family of solutions enables the digital transformation of satellite ground systems to become a more dynamic and powerful part of the space network. OpenSpace® is the industry’s only commercially available digital transformation solution that enables operators of satellites, Ground Systems-as-a-Service (GSaaS) providers, teleports and others in the satellite services supply chain to capitalize on dynamic ground capabilities. The OpenSpace family consists of three product lines: OpenSpace SpectralNet for converting satellite RF signals to be used in digital environments; OpenSpace quantum products, which are virtual versions of traditional hardware components; and the OpenSpace Platform, the first commercially available, fully orchestrated, software-defined ground system. These three OpenSpace lines enable satellite operators and other service providers to implement digital operations at their own pace and in ways that meet their unique mission goals and business models.
About Kratos Defense & Security Solutions
Kratos Defense & Security Solutions, Inc. is a technology, products, system and software company addressing the defense, national security, and commercial markets. Kratos makes true internally funded research, development, capital and other investments, to rapidly develop, produce and field solutions that address our customers’ mission critical needs and requirements. At Kratos, affordability is a technology, and we utilize proven, leading edge approaches and technology, not unproven bleeding edge approaches or technology, with Kratos’ approach reducing cost, schedule and risk, and enabling us to be first to market with cost effective solutions. Kratos is known as the innovative disruptive change agent in the industry, a company that is an expert in designing products and systems up front for successful rapid, large quantity, low cost future manufacturing and as a competitive differentiator to our large traditional prime system integrator partners and also to our government and commercial customers. Kratos’ primary business areas include, virtualized ground systems for satellites and space vehicles including software for command & control (C2) and telemetry, tracking and control (TT&C), jet powered unmanned aerial drone systems, hypersonic vehicles and rocket systems, propulsion systems for drones, missiles, loitering munitions, supersonic systems, space craft and launch systems, C5ISR and microwave electronic products for missile, radar, missile defense, space, satellite, counter UAS, directed energy, communication and other systems, and virtual & augmented reality training systems for the warfighter.
About Ranger
Rancher Government Solutions (RGS) is specifically designed to address the unique security and operational needs of the U.S. Government and military as it relates to application modernization, containers, and Kubernetes.
Rancher is a complete open source software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters at scale, while providing DevOps teams with integrated tools for running containerized workloads.
RGS supports all Rancher products with U.S. based American citizens who are currently supporting programs across the Department of Defense, Intelligence Community, and civilian agencies.
Read More
Government Business, Cybersecurity
PR Newswire | January 04, 2024
Synack has achieved the Moderate "Authorized" designation from the U.S. Federal Risk and Authorization Management Program (FedRAMP), demonstrating Synack's premier security testing platform meets the cloud compliance framework's rigorous requirements at the Moderate level.
The milestone approval means additional U.S. agencies can deploy Synack's best-in-class penetration testing and vulnerability management solutions – even in systems that process Controlled Unclassified Information and other official or sensitive data.
"This achievement is a gamechanger for our federal clients," said Dr. Mark Kuhr, Synack CTO and co-founder. "It also sends a clear message to all our customers: You can trust Synack to keep your data secure as we deliver pentesting of the highest caliber."
The Government Accountability Office has warned that "malicious actors are becoming more willing and capable of carrying out cyberattacks" on federal targets, with the potential to seriously harm national security. FedRAMP is a cornerstone of the U.S. government's efforts to realize that vision and combat threats as agencies continue to shift critical data to the cloud. Additionally, White House requirements such as Memorandum 22-09 require agencies to adopt a zero trust architecture strategy by September 2024.
Operating dedicated application security testing programs is a critical component of a zero trust strategy, and Synack proudly empowers agencies to conduct such services in a FedRAMP Moderate Authorized environment.
"This FedRAMP designation clears the way for Synack's premier security testing platform to protect more government systems," said Synack vice president for public sector Catherine Bowen. "We are doubling down on our goal to improve the security posture of agencies and companies handling mission-critical government applications, internally and externally."
To qualify as Moderate Authorized from FedRAMP, Synack successfully enforced 325 security controls and underwent extensive third-party vetting of its security infrastructure.
Achieving full authorization reflects Synack's ongoing commitment to making the world more secure by providing on-demand access to the Synack security testing platform and the 1,500-plus vetted security researchers who make up the global Synack Red Team.
The U.S. Department of Health and Human Services (HHS) sponsored Synack's successful bid for FedRAMP authorization. Today's announcement builds on Synack's FedRAMP Moderate "In Process" designation achieved in 2022, when Synack was first listed on the FedRAMP marketplace.
Synack has worked with HHS and dozens of other federal agencies to test internal assets and elevate their security postures. The company participated in the Defense Department's inaugural "Hack the Pentagon" program in 2016, helping find and fix high-impact vulnerabilities in a range of military networks. DoD would go on to host a follow-up initiative featuring Synack, aimed at normalizing a trusted, crowdsourced approach to security testing.
ABOUT SYNACK:
Synack's premier on-demand security testing platform harnesses a talented, vetted community of security researchers and smart technology to deliver continuous penetration testing and vulnerability management, with actionable results. We are committed to making the world more secure by closing the cybersecurity skills gap, giving organizations on-demand access to the most trusted security researchers in the world. Headquartered in Silicon Valley with regional teams around the world, Synack protects federal agencies and a growing list of Global 2000 customers, uncovering over 13,000 vulnerabilities for clients in 2023 alone.
Read More