Helping Government Find Technology Solutions Since 1991

Security and compliance remain at the forefront of concerns facing security leaders today. Tackling the challenge of finding and addressing risks in the enterprise while demonstrating compliance with increasingly demanding regulations requires the maturity and discipline to adopt and follow a complete security risk and compliance lifecycle.

Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the internet and other networks for business, operations and research. Information about citizens, banking and finance, research and development, and many other federal connected systems transmit data outside the federal networks—and their security compliance standards. So it makes sense that FISMA would adapt to address more than the original scope of perceived threats and specifically address systems and data security that inter-agency networks, vendors, contracts and supply chain puts at risk.

Tripwire solutions have a history with government agencies, offering an 'ironclad defense,' or foundation for a layered compliance and security strategy.

When a high-profile cyberattack grabs the headlines, your first instinct may be to funnel resources into purchasing a shiny new tool to defend your organization. But often, that’s not what’s really needed.

Tripwire's integrated suite of products build on their core capabilities to deliver critical capabilities for breach detection and remediation, and address nearly every compliance standard—PCI DSS, NIST, FISMA, NERC, HIPAA, ISO/IEC 27002, DISA, SOX, and many others.

In today’s world of complex, modern web applications, accurate and automated Dynamic Application Security Testing (DAST) tools are rare, but do exist. What characteristics should you look for in a DAST tool to give you greater accuracy and ease of use?

It’s time to break down silos and drive secure innovation, together. The practice of SecOps creates an alliance between Security, IT, and DevOps to make security an inherent outcome of all business innovation and operations. The Rapid7 Insight platform equips you with the visibility, analytics, and automation you need to unite your teams and amplify your efficiency.

In 2017, Rapid7 launched the “Under the Hoodie” project to demystify the practice of penetration testing by surveying those who are in the field and conducting the investigations on what they most commonly see during client engagements. We have renewed this approach in 2018 to continue providing visibility into this often occult niche of information security.

Security organizations must rethink their vulnerability management programs. They need to monitor complex, dynamic computing environments, and respond in minutes or hours when issues are discovered—not days or weeks.

Public sector organizations face complex challenges managing their data. Technology is constantly moving forward, and with this forward motion come new data sources (the Internet of Things and sensor-enabled equipment, social network feeds, data warehouses, software-as-a-service, etc.) and data types (structured and unstructured, raw and processed).

Government agencies must be able to connect, collect, and curate data from a broad spectrum of connected yet disparate data sources – sensors, machines, geo-location devices, social feeds, server logs, and more.

A public power utility company, owned by the people of a large city in Massachusetts, provides reliable services at economical rates through teamwork, technology and innovation. The Board of Electric Commissioners and the employees are committed to safe operations, to excellent customer service and to the community they serve. Like most power companies, this Massachusetts based company uses a geographic information software (GIS) application for planning, building, monitoring, and managing their transmission networks.

This federal agency utilizes a mature hybrid cloud architecture to support its efforts as an innovative and independent agency. Many of these efforts focus on partnering internationally to promote economic growth, reduce poverty, and strengthen institutions. This requires a flexible and consistent development stream in their applications to deliver on its mission.

Fu Associates is a leading developer of information management and analysis systems. They pride themselves on providing quality services ranging from the design, development, and implementation of complex information systems to business process reengineering, policy analysis, and strategic planning. Their clients include public and private sector organizations in the elds of health care, aviation, labor, education, environment, agriculture, and defense.