Slide 1 - Internal Revenue Service

482 views
419 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
482
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Slide 1 - Internal Revenue Service

  1. 1. 03/14/2009 1 SMALL BUSINESS SHOWCASE NETWORK SECURITY SERVICES LLC  Small Business Size: SBA Certified 8(a), HUBZone, WO, SDB  Niche Areas: Computer Forensics & Managed Security  IRS/Treasury Contracts:  Subcontractor on IRS MITS Cyber Security, Office of the ACIO  Prime contractor on IRS Cyber Security Training, Electronic Crimes Unit  Largest award: $415,000  Largest Company Award:  Amount: Incrementally funded; currently at $415,000  Customer: Govt: SPAWAR Charleston. Prime: Honeywell Technology Solutions, Inc.
  2. 2. 03/14/2009 2 Who We AreWho We Are  SBA Certified 8(a) and HUBZone, Woman-SBA Certified 8(a) and HUBZone, Woman- Owned small businessOwned small business  GSA Schedule 70 Prime ContractorGSA Schedule 70 Prime Contractor  Seaport-E Prime ContractorSeaport-E Prime Contractor  Provider of highest level of IT security solutionsProvider of highest level of IT security solutions
  3. 3. 03/14/2009 3 Who We AreWho We Are  Security Team’s QualificationsSecurity Team’s Qualifications  Backgrounds in:Backgrounds in:  Law Enforcement/Military IntelligenceLaw Enforcement/Military Intelligence  Federal AgenciesFederal Agencies  Prestigious Commercial BusinessesPrestigious Commercial Businesses  High levels of education & certificationsHigh levels of education & certifications
  4. 4. 03/14/2009 4 NSS Founder BackgroundNSS Founder Background  Law Enforcement Officer (19 years experience)Law Enforcement Officer (19 years experience)  DetectiveDetective  Computer Crime InvestigationsComputer Crime Investigations  Commercial FieldCommercial Field  DCITP, Lead Instructor for Network Investigations &DCITP, Lead Instructor for Network Investigations & IntrusionsIntrusions  Ernst & Young, Director of Incident Response,Ernst & Young, Director of Incident Response, National Forensics LabNational Forensics Lab  Fiderus Inc., Director of Incident Response &Fiderus Inc., Director of Incident Response & Penetration TestingPenetration Testing
  5. 5. 03/14/2009 5 Core CompetenciesCore Competencies  Information Assurance ServicesInformation Assurance Services  Managed Enterprise Security ServicesManaged Enterprise Security Services  Computer ForensicsComputer Forensics  Network InvestigationsNetwork Investigations  Computer Forensics TrainingComputer Forensics Training
  6. 6. 03/14/2009 6 What We OfferWhat We Offer  Information Assurance ServicesInformation Assurance Services  Certification and AccreditationCertification and Accreditation  Risk & Vulnerability AssessmentsRisk & Vulnerability Assessments  Disaster Recovery and Policy DevelopmentDisaster Recovery and Policy Development  Managed Security ServicesManaged Security Services  Firewalls/RoutersFirewalls/Routers  IDS/IPSIDS/IPS  Incident ResponseIncident Response  Computer Forensic Investigative ServicesComputer Forensic Investigative Services  Computer Crime Investigative TrainingComputer Crime Investigative Training
  7. 7. 03/14/200903/14/2009 77 Information AssuranceInformation Assurance
  8. 8. 03/14/2009 8 Information Assurance ServicesInformation Assurance Services  Information Assurance (IA)Information Assurance (IA)  Certification & AccreditationCertification & Accreditation  Vulnerability AssessmentsVulnerability Assessments  Penetration TestingPenetration Testing  Application TestingApplication Testing
  9. 9. 03/14/2009 9 C&AC&A  The Federal Information SecurityThe Federal Information Security Management Act (FISMA)Management Act (FISMA)  Compliance with FISMA requires expertCompliance with FISMA requires expert security analysis and evaluation skills andsecurity analysis and evaluation skills and a thorough understanding of the FISMAa thorough understanding of the FISMA requirementsrequirements
  10. 10. 03/14/2009 10 C&AC&A  NSS Security Experts assist and guide inNSS Security Experts assist and guide in the compliance of efforts for the followingthe compliance of efforts for the following standards:standards:  FISMAFISMA  NIST 800 seriesNIST 800 series  FIPS 199,200FIPS 199,200  DITSCAP/DIACAPDITSCAP/DIACAP  NIACAPNIACAP  HIPAAHIPAA  ST&E Testing of the above standardsST&E Testing of the above standards
  11. 11. 03/14/2009 11 C&AC&A  Life Cycle Certification SupportLife Cycle Certification Support  DefinitionDefinition  VerificationVerification  ValidationValidation  Post-AccreditationPost-Accreditation  Certification Audit SupportCertification Audit Support
  12. 12. 03/14/2009 12 Vulnerability ScanningVulnerability Scanning  Checks for known vulnerabilitiesChecks for known vulnerabilities  Work closely with customer to identifyWork closely with customer to identify scope and depth of scanningscope and depth of scanning  Generally, systems are checked for knownGenerally, systems are checked for known exploits and vulnerabilitiesexploits and vulnerabilities  Work with customer to mitigate andWork with customer to mitigate and mediate identified risksmediate identified risks  Assist in solution development andAssist in solution development and implementationimplementation
  13. 13. 03/14/2009 13 Penetration TestingPenetration Testing  In depth probing and testingIn depth probing and testing  Exploit unknown or unpublishedExploit unknown or unpublished vulnerabilitiesvulnerabilities  Requires more time and higher skilledRequires more time and higher skilled peoplepeople
  14. 14. 03/14/2009 14 Application TestingApplication Testing  Achilles heel of service-orientedAchilles heel of service-oriented architecturearchitecture  Applications are key to leveraging benefitsApplications are key to leveraging benefits of information systemsof information systems  Create the greatest riskCreate the greatest risk  Extensive codeExtensive code  Chance of insecure or exploitable codeChance of insecure or exploitable code being createdbeing created
  15. 15. 03/14/2009 15 Managed Enterprise Security Services
  16. 16. 03/14/2009 16 Managed Enterprise SecurityManaged Enterprise Security ServicesServices  FirewallsFirewalls  RoutersRouters  Intrusion Detection SystemsIntrusion Detection Systems  Intrusion Prevention SystemsIntrusion Prevention Systems  Incident ResponseIncident Response
  17. 17. 03/14/2009 17 Firewalls and RoutersFirewalls and Routers  Monitoring & ComplianceMonitoring & Compliance  Log analysisLog analysis  Configuration review and assessmentConfiguration review and assessment  Configuration updates and adjustmentsConfiguration updates and adjustments  Rule testing and evaluationRule testing and evaluation
  18. 18. 03/14/2009 18 Intrusion Detection Systems &Intrusion Detection Systems & Intrusion Prevention SystemsIntrusion Prevention Systems  Manage and monitor IPS/IDSManage and monitor IPS/IDS  Monitor network traffic for:Monitor network traffic for:  Hostile network activityHostile network activity  Ex-fill of sensitive informationEx-fill of sensitive information  Policy enforcement and violationPolicy enforcement and violation  PII disclosurePII disclosure  Plain TextPlain Text  Respond to alerts (IR)Respond to alerts (IR)
  19. 19. 03/14/2009 19 Computer ForensicsComputer Forensics
  20. 20. 03/14/2009 20 Computer Forensic ServicesComputer Forensic Services  Mobile ForensicsMobile Forensics  Network ForensicsNetwork Forensics  Intrusion InvestigationsIntrusion Investigations  Incident ResponseIncident Response
  21. 21. 03/14/2009 21 2121 Network ForensicsNetwork Forensics  WiretapsWiretaps  Packet analysisPacket analysis  Server data acquisitionServer data acquisition  Live data collectionLive data collection  Data validationData validation
  22. 22. 03/14/2009 22 Computer CrimeComputer Crime Investigative TrainingInvestigative Training
  23. 23. 03/14/2009 23 Multiple Training CoursesMultiple Training Courses  Computer ForensicsComputer Forensics  Linux ForensicsLinux Forensics  Mobile ForensicsMobile Forensics  Network ForensicsNetwork Forensics  Intrusion InvestigationsIntrusion Investigations  Internet InvestigationsInternet Investigations  Wire TapsWire Taps
  24. 24. 03/14/2009 24 2424 Training ClientsTraining Clients  DCITP- Defense Computer InvestigationsDCITP- Defense Computer Investigations Training Program for DoDTraining Program for DoD  Department of StateDepartment of State  George Washington UniversityGeorge Washington University  Internal Revenue ServiceInternal Revenue Service  Regional Computer Forensics GroupRegional Computer Forensics Group  Federal Bureau of InvestigationsFederal Bureau of Investigations  SOCOMSOCOM
  25. 25. 03/14/2009 25 Current ProjectsCurrent Projects
  26. 26. 03/14/2009 26 IRSIRS  SPAWAR Systems Center CharlestonSPAWAR Systems Center Charleston  Performing ST&EPerforming ST&E  Testing:Testing:  FISMA StandardsFISMA Standards  NIST 800-53, 800-53ANIST 800-53, 800-53A  FIPS 199, 200 FIPS 199, 200   Technology: Cisco, Unix, Microsoft, MSSQL 2000,Technology: Cisco, Unix, Microsoft, MSSQL 2000, MSSQL 2005, and Oracle 10.1(g)MSSQL 2005, and Oracle 10.1(g)
  27. 27. 03/14/2009 27 Department of NavyDepartment of Navy  SPAWAR - Navy Medicine EnterpriseSPAWAR - Navy Medicine Enterprise Security Operations CenterSecurity Operations Center  Router and Firewall securityRouter and Firewall security  Management and monitoring supportManagement and monitoring support  Policy compliance with SOPPolicy compliance with SOP  Develop and document operating policies andDevelop and document operating policies and proceduresprocedures
  28. 28. 03/14/2009 28 Work ExperienceWork Experience  IRSIRS  USDAUSDA  Department of NavyDepartment of Navy  HQ, FIRST U.S. ARMYHQ, FIRST U.S. ARMY  SAICSAIC  Commercial BanksCommercial Banks  UnionsUnions
  29. 29. 03/14/2009 29 2929 Work ExperienceWork Experience  FBIFBI  OIG PhiladelphiaOIG Philadelphia  Philadelphia PD IAPhiladelphia PD IA  Large Prime ContractorsLarge Prime Contractors  Law Firms & Private Investigative FirmsLaw Firms & Private Investigative Firms  Commercial BanksCommercial Banks  Commercial BusinessesCommercial Businesses
  30. 30. 03/14/2009 30 The NSS Security TeamThe NSS Security Team
  31. 31. 03/14/2009 31 Certifications & EducationCertifications & Education  CFCECFCE  CCECCE  EnCEEnCE  GIAC (SANS)GIAC (SANS)  MCSEMCSE  CISSPCISSP  CCNACCNA  CCSPCCSP  Security+Security+  CCNP + SecurityCCNP + Security  MA Sociology/CriminologyMA Sociology/Criminology  MS Information SystemsMS Information Systems
  32. 32. 03/14/2009 32 3232 Expert TestimonyExpert Testimony  Certified Expert Computer ForensicsCertified Expert Computer Forensics  Certified Expert Mobile ForensicsCertified Expert Mobile Forensics  Certified Witness Edged WeaponsCertified Witness Edged Weapons
  33. 33. 03/14/2009 33 Customer SatisfactionCustomer Satisfaction  We have had outstanding performanceWe have had outstanding performance reviews from our customersreviews from our customers  We place appropriately skilled, technicallyWe place appropriately skilled, technically proficient security engineersproficient security engineers  We have several teaming opportunities onWe have several teaming opportunities on large, upcoming projectslarge, upcoming projects
  34. 34. 03/14/2009 34 Future of NSSFuture of NSS
  35. 35. 03/14/2009 35 Upcoming ProjectsUpcoming Projects  Support C&A efforts for Marine CorpsSupport C&A efforts for Marine Corps  Increase support on Navy MedicineIncrease support on Navy Medicine Enterprise Security Operations CenterEnterprise Security Operations Center  Intrusion Prevention/DetectionIntrusion Prevention/Detection  Incident ResponseIncident Response  Manage Computer Forensics LabManage Computer Forensics Lab  Provide computer forensic and incidentProvide computer forensic and incident response support to governmentresponse support to government SOC/NOCSOC/NOC
  36. 36. 03/14/2009 36 GoalsGoals  Achieve prime contractor statusAchieve prime contractor status  Start small and growStart small and grow  Stay up-to-date on certifications andStay up-to-date on certifications and educationeducation  Continue to provide our customers withContinue to provide our customers with Quality of Service and CustomerQuality of Service and Customer SatisfactionSatisfaction
  37. 37. 03/14/2009 37 Why Choose NSSWhy Choose NSS NNetwork Security is in our name & is what we doetwork Security is in our name & is what we do SSkilled and Certified Security Engineerskilled and Certified Security Engineers SStrong Past Performance & Notable Responsivenesstrong Past Performance & Notable Responsiveness
  38. 38. 03/14/2009 38 Our Contact Information VA office: 2106 Harbor Drive, Greenbackville, VA 23356 SC office: 1156 Bowman Rd, #200, Mt. Pleasant, SC 29464 Phone: 703-319-0411 or 843-416-1196 Fax: 866-670-1961 President: (Ms) Alexei Haughom Email: alex@netsec.cc Website: www.network-securityservices.com

×