Cyber Security Services
In today’s day and age, information and data is the fuel for the engine of American growth and innovation. Protecting the information systems and networks of our homeland has never been so important and complex. USmax Corporation understands the business and technical challenges faced by various federal agencies to secure their information assets. We specialize in and provide Cyber Security Services to agencies like U.S. Department of Homeland Security and U.S. Patent and Trademark Office, where challenges to protect the homeland and our intellectual property are paramount. Our Cyber Security Services include:
| Service | Description |
|---|---|
| Independent Verification and Validation (IV&V) | We provide both Verification – to verify agency’s security posture to the federal, business, and technical requirements and Validation – our certification at the end of the audit. Our IV&V services involve monitoring and evaluating all aspects of the project from inception to completion. Our services are delivered using a repeatable standard methodology framework to ensure consistent delivery across all federal customers. |
| Threat Analysis, Assessment, and Continuous Monitoring | Federal laws, regulations, and directives such as OMB A-130, FISMA, DITSCAP guidelines, and HSPD-12 provide a framework for analysis, assessment, and response of cyber threats. USmax provides services ranging from in-depth to impromptu threat analysis and vulnerability assessments that identify and counter threats to U.S. cyber infrastructure. We also assist the U.S.-Computer Emergency Readiness Team (U.S.-CERT) in warning constituents of threats to the nations’ critical national infrastructures, as defined by HSPD-7, the E-Government Act, FISMA and the National Strategy to Secure Cyber Space. |
| Assessment and Authorization (A&A) | We assist federal agencies to evaluate their A&A process, and procedures for adherence to standards such as NIST-FISMA, DITSCAP, and best practices. Our information assurance experts collaborate and team with government stakeholders to provide an overall assessment of the quality and effectiveness of an A&A program. Our A&A efforts involve Security Certification, Accreditation, Continuous Monitoring, and Policy and Procedural document development. |
| Incident Response Planning and Response | One of the most valuable components of our Incident Response Planning and Response services is the depth of our experience. We assist federal agencies to develop Computer Security Incident Response Plans (CSIRP) that provides guidance and documentation on computer security incident response handling and communication efforts. |
| Enterprise Security | We provide Security Operations Center Management (SOC) support (24/7), Computer Security Incident Response Team (CSIRT) support, Security Architecture and Design development, Business Continuity & Disaster Recovery (Continuity of Operations) planning, Security Intelligence and Forensic Services, and Intrusion Prevention and Detection systems support. |
| Penetration Testing/Phishing Campaigns | We support the cyber readiness and Federal Information Security Management Act (FISMA) requirements with Penetration Testing of federal agencies' networks, including WiFi, operating systems, hosts, web presence, virtual infrastructure, user profiles, and business applications. Our comprehensive assessments identify all external and internal vulnerabilities and provide federal agencies with time sensitive reports, assessments, and remediation recommendations. We deliver increasingly challenging phishing campaigns that are tailored to identify end user training deficiencies and reinforce good cyber practices that are an essential aspect of an agency's cyber readiness. Our campaigns are a comprehensive examination of end user behavior, including email, web surfing, mobile devices, and other online communications practices. Our approach provides comprehensive measures that progressively raise the bar of an agency's end user cyber hygiene practices. |