Your SlideShare is downloading. ×
  • Like
Slide 1 - Internal Revenue Service
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Slide 1 - Internal Revenue Service

  • 329 views
Published

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
329
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. 03/14/2009 1 SMALL BUSINESS SHOWCASE NETWORK SECURITY SERVICES LLC  Small Business Size: SBA Certified 8(a), HUBZone, WO, SDB  Niche Areas: Computer Forensics & Managed Security  IRS/Treasury Contracts:  Subcontractor on IRS MITS Cyber Security, Office of the ACIO  Prime contractor on IRS Cyber Security Training, Electronic Crimes Unit  Largest award: $415,000  Largest Company Award:  Amount: Incrementally funded; currently at $415,000  Customer: Govt: SPAWAR Charleston. Prime: Honeywell Technology Solutions, Inc.
  • 2. 03/14/2009 2 Who We AreWho We Are  SBA Certified 8(a) and HUBZone, Woman-SBA Certified 8(a) and HUBZone, Woman- Owned small businessOwned small business  GSA Schedule 70 Prime ContractorGSA Schedule 70 Prime Contractor  Seaport-E Prime ContractorSeaport-E Prime Contractor  Provider of highest level of IT security solutionsProvider of highest level of IT security solutions
  • 3. 03/14/2009 3 Who We AreWho We Are  Security Team’s QualificationsSecurity Team’s Qualifications  Backgrounds in:Backgrounds in:  Law Enforcement/Military IntelligenceLaw Enforcement/Military Intelligence  Federal AgenciesFederal Agencies  Prestigious Commercial BusinessesPrestigious Commercial Businesses  High levels of education & certificationsHigh levels of education & certifications
  • 4. 03/14/2009 4 NSS Founder BackgroundNSS Founder Background  Law Enforcement Officer (19 years experience)Law Enforcement Officer (19 years experience)  DetectiveDetective  Computer Crime InvestigationsComputer Crime Investigations  Commercial FieldCommercial Field  DCITP, Lead Instructor for Network Investigations &DCITP, Lead Instructor for Network Investigations & IntrusionsIntrusions  Ernst & Young, Director of Incident Response,Ernst & Young, Director of Incident Response, National Forensics LabNational Forensics Lab  Fiderus Inc., Director of Incident Response &Fiderus Inc., Director of Incident Response & Penetration TestingPenetration Testing
  • 5. 03/14/2009 5 Core CompetenciesCore Competencies  Information Assurance ServicesInformation Assurance Services  Managed Enterprise Security ServicesManaged Enterprise Security Services  Computer ForensicsComputer Forensics  Network InvestigationsNetwork Investigations  Computer Forensics TrainingComputer Forensics Training
  • 6. 03/14/2009 6 What We OfferWhat We Offer  Information Assurance ServicesInformation Assurance Services  Certification and AccreditationCertification and Accreditation  Risk & Vulnerability AssessmentsRisk & Vulnerability Assessments  Disaster Recovery and Policy DevelopmentDisaster Recovery and Policy Development  Managed Security ServicesManaged Security Services  Firewalls/RoutersFirewalls/Routers  IDS/IPSIDS/IPS  Incident ResponseIncident Response  Computer Forensic Investigative ServicesComputer Forensic Investigative Services  Computer Crime Investigative TrainingComputer Crime Investigative Training
  • 7. 03/14/200903/14/2009 77 Information AssuranceInformation Assurance
  • 8. 03/14/2009 8 Information Assurance ServicesInformation Assurance Services  Information Assurance (IA)Information Assurance (IA)  Certification & AccreditationCertification & Accreditation  Vulnerability AssessmentsVulnerability Assessments  Penetration TestingPenetration Testing  Application TestingApplication Testing
  • 9. 03/14/2009 9 C&AC&A  The Federal Information SecurityThe Federal Information Security Management Act (FISMA)Management Act (FISMA)  Compliance with FISMA requires expertCompliance with FISMA requires expert security analysis and evaluation skills andsecurity analysis and evaluation skills and a thorough understanding of the FISMAa thorough understanding of the FISMA requirementsrequirements
  • 10. 03/14/2009 10 C&AC&A  NSS Security Experts assist and guide inNSS Security Experts assist and guide in the compliance of efforts for the followingthe compliance of efforts for the following standards:standards:  FISMAFISMA  NIST 800 seriesNIST 800 series  FIPS 199,200FIPS 199,200  DITSCAP/DIACAPDITSCAP/DIACAP  NIACAPNIACAP  HIPAAHIPAA  ST&E Testing of the above standardsST&E Testing of the above standards
  • 11. 03/14/2009 11 C&AC&A  Life Cycle Certification SupportLife Cycle Certification Support  DefinitionDefinition  VerificationVerification  ValidationValidation  Post-AccreditationPost-Accreditation  Certification Audit SupportCertification Audit Support
  • 12. 03/14/2009 12 Vulnerability ScanningVulnerability Scanning  Checks for known vulnerabilitiesChecks for known vulnerabilities  Work closely with customer to identifyWork closely with customer to identify scope and depth of scanningscope and depth of scanning  Generally, systems are checked for knownGenerally, systems are checked for known exploits and vulnerabilitiesexploits and vulnerabilities  Work with customer to mitigate andWork with customer to mitigate and mediate identified risksmediate identified risks  Assist in solution development andAssist in solution development and implementationimplementation
  • 13. 03/14/2009 13 Penetration TestingPenetration Testing  In depth probing and testingIn depth probing and testing  Exploit unknown or unpublishedExploit unknown or unpublished vulnerabilitiesvulnerabilities  Requires more time and higher skilledRequires more time and higher skilled peoplepeople
  • 14. 03/14/2009 14 Application TestingApplication Testing  Achilles heel of service-orientedAchilles heel of service-oriented architecturearchitecture  Applications are key to leveraging benefitsApplications are key to leveraging benefits of information systemsof information systems  Create the greatest riskCreate the greatest risk  Extensive codeExtensive code  Chance of insecure or exploitable codeChance of insecure or exploitable code being createdbeing created
  • 15. 03/14/2009 15 Managed Enterprise Security Services
  • 16. 03/14/2009 16 Managed Enterprise SecurityManaged Enterprise Security ServicesServices  FirewallsFirewalls  RoutersRouters  Intrusion Detection SystemsIntrusion Detection Systems  Intrusion Prevention SystemsIntrusion Prevention Systems  Incident ResponseIncident Response
  • 17. 03/14/2009 17 Firewalls and RoutersFirewalls and Routers  Monitoring & ComplianceMonitoring & Compliance  Log analysisLog analysis  Configuration review and assessmentConfiguration review and assessment  Configuration updates and adjustmentsConfiguration updates and adjustments  Rule testing and evaluationRule testing and evaluation
  • 18. 03/14/2009 18 Intrusion Detection Systems &Intrusion Detection Systems & Intrusion Prevention SystemsIntrusion Prevention Systems  Manage and monitor IPS/IDSManage and monitor IPS/IDS  Monitor network traffic for:Monitor network traffic for:  Hostile network activityHostile network activity  Ex-fill of sensitive informationEx-fill of sensitive information  Policy enforcement and violationPolicy enforcement and violation  PII disclosurePII disclosure  Plain TextPlain Text  Respond to alerts (IR)Respond to alerts (IR)
  • 19. 03/14/2009 19 Computer ForensicsComputer Forensics
  • 20. 03/14/2009 20 Computer Forensic ServicesComputer Forensic Services  Mobile ForensicsMobile Forensics  Network ForensicsNetwork Forensics  Intrusion InvestigationsIntrusion Investigations  Incident ResponseIncident Response
  • 21. 03/14/2009 21 2121 Network ForensicsNetwork Forensics  WiretapsWiretaps  Packet analysisPacket analysis  Server data acquisitionServer data acquisition  Live data collectionLive data collection  Data validationData validation
  • 22. 03/14/2009 22 Computer CrimeComputer Crime Investigative TrainingInvestigative Training
  • 23. 03/14/2009 23 Multiple Training CoursesMultiple Training Courses  Computer ForensicsComputer Forensics  Linux ForensicsLinux Forensics  Mobile ForensicsMobile Forensics  Network ForensicsNetwork Forensics  Intrusion InvestigationsIntrusion Investigations  Internet InvestigationsInternet Investigations  Wire TapsWire Taps
  • 24. 03/14/2009 24 2424 Training ClientsTraining Clients  DCITP- Defense Computer InvestigationsDCITP- Defense Computer Investigations Training Program for DoDTraining Program for DoD  Department of StateDepartment of State  George Washington UniversityGeorge Washington University  Internal Revenue ServiceInternal Revenue Service  Regional Computer Forensics GroupRegional Computer Forensics Group  Federal Bureau of InvestigationsFederal Bureau of Investigations  SOCOMSOCOM
  • 25. 03/14/2009 25 Current ProjectsCurrent Projects
  • 26. 03/14/2009 26 IRSIRS  SPAWAR Systems Center CharlestonSPAWAR Systems Center Charleston  Performing ST&EPerforming ST&E  Testing:Testing:  FISMA StandardsFISMA Standards  NIST 800-53, 800-53ANIST 800-53, 800-53A  FIPS 199, 200 FIPS 199, 200   Technology: Cisco, Unix, Microsoft, MSSQL 2000,Technology: Cisco, Unix, Microsoft, MSSQL 2000, MSSQL 2005, and Oracle 10.1(g)MSSQL 2005, and Oracle 10.1(g)
  • 27. 03/14/2009 27 Department of NavyDepartment of Navy  SPAWAR - Navy Medicine EnterpriseSPAWAR - Navy Medicine Enterprise Security Operations CenterSecurity Operations Center  Router and Firewall securityRouter and Firewall security  Management and monitoring supportManagement and monitoring support  Policy compliance with SOPPolicy compliance with SOP  Develop and document operating policies andDevelop and document operating policies and proceduresprocedures
  • 28. 03/14/2009 28 Work ExperienceWork Experience  IRSIRS  USDAUSDA  Department of NavyDepartment of Navy  HQ, FIRST U.S. ARMYHQ, FIRST U.S. ARMY  SAICSAIC  Commercial BanksCommercial Banks  UnionsUnions
  • 29. 03/14/2009 29 2929 Work ExperienceWork Experience  FBIFBI  OIG PhiladelphiaOIG Philadelphia  Philadelphia PD IAPhiladelphia PD IA  Large Prime ContractorsLarge Prime Contractors  Law Firms & Private Investigative FirmsLaw Firms & Private Investigative Firms  Commercial BanksCommercial Banks  Commercial BusinessesCommercial Businesses
  • 30. 03/14/2009 30 The NSS Security TeamThe NSS Security Team
  • 31. 03/14/2009 31 Certifications & EducationCertifications & Education  CFCECFCE  CCECCE  EnCEEnCE  GIAC (SANS)GIAC (SANS)  MCSEMCSE  CISSPCISSP  CCNACCNA  CCSPCCSP  Security+Security+  CCNP + SecurityCCNP + Security  MA Sociology/CriminologyMA Sociology/Criminology  MS Information SystemsMS Information Systems
  • 32. 03/14/2009 32 3232 Expert TestimonyExpert Testimony  Certified Expert Computer ForensicsCertified Expert Computer Forensics  Certified Expert Mobile ForensicsCertified Expert Mobile Forensics  Certified Witness Edged WeaponsCertified Witness Edged Weapons
  • 33. 03/14/2009 33 Customer SatisfactionCustomer Satisfaction  We have had outstanding performanceWe have had outstanding performance reviews from our customersreviews from our customers  We place appropriately skilled, technicallyWe place appropriately skilled, technically proficient security engineersproficient security engineers  We have several teaming opportunities onWe have several teaming opportunities on large, upcoming projectslarge, upcoming projects
  • 34. 03/14/2009 34 Future of NSSFuture of NSS
  • 35. 03/14/2009 35 Upcoming ProjectsUpcoming Projects  Support C&A efforts for Marine CorpsSupport C&A efforts for Marine Corps  Increase support on Navy MedicineIncrease support on Navy Medicine Enterprise Security Operations CenterEnterprise Security Operations Center  Intrusion Prevention/DetectionIntrusion Prevention/Detection  Incident ResponseIncident Response  Manage Computer Forensics LabManage Computer Forensics Lab  Provide computer forensic and incidentProvide computer forensic and incident response support to governmentresponse support to government SOC/NOCSOC/NOC
  • 36. 03/14/2009 36 GoalsGoals  Achieve prime contractor statusAchieve prime contractor status  Start small and growStart small and grow  Stay up-to-date on certifications andStay up-to-date on certifications and educationeducation  Continue to provide our customers withContinue to provide our customers with Quality of Service and CustomerQuality of Service and Customer SatisfactionSatisfaction
  • 37. 03/14/2009 37 Why Choose NSSWhy Choose NSS NNetwork Security is in our name & is what we doetwork Security is in our name & is what we do SSkilled and Certified Security Engineerskilled and Certified Security Engineers SStrong Past Performance & Notable Responsivenesstrong Past Performance & Notable Responsiveness
  • 38. 03/14/2009 38 Our Contact Information VA office: 2106 Harbor Drive, Greenbackville, VA 23356 SC office: 1156 Bowman Rd, #200, Mt. Pleasant, SC 29464 Phone: 703-319-0411 or 843-416-1196 Fax: 866-670-1961 President: (Ms) Alexei Haughom Email: alex@netsec.cc Website: www.network-securityservices.com