SlideShare a Scribd company logo
this is not business-as-usual
this is rock-and-roll
capabilities collection
what we do
CONTACT
US!
What’s your
MISSION?
SOFTWARE
ENGINEERING
CYBER SYSTEMS
ENGINEERING
CYBER
SECURITY
DEVOPS
USER
EXPERIENCE (UX)
DATA  INFORMATION
VISUALIZATION
1.
2.
3.
5.
6.
4.
we create secure systems that deliver
a brilliant user experience and help
our clients be great at what they do.
wilco@foxtrotdivision.us
software
engineering
wilco@foxtrotdivision.us
http://foxtrotdivision.us
•  DevOps Methodology  
•  Application Assurance
•  User Experience (UX)
•  Defensive Coding
•  Open Source Software Support
STANDARDS EXPERTISE
• Software Assurance Maturity Model
(SAMM)
• Capability Maturity Model Integrated
(CMMI)
AUTOMATION
We provide custom software to
automate the routine and streamline
workflows, allowing teams to spend
more time on value-added activities.
INTEROPERABILITY
We create the “glue” that allows
multiple heterogeneous systems
to communicate with each other,
maximizing IT investment value.
MISSION SUPPORT
We create custom software that helps
our clients accomplish their mission,
from cyber defense analytics to
logistics and property management.  
Writing code is our passion. Creating secure systems that function
as intended and deliver a brilliant user experience is our purpose.
Delivering value Early and Often
Organize requirements into functional
stories with short development times.   Bake in
security along the way.
Refine concepts into verifiable
requirements.
Plan User Experience (UX) by
understanding users, workflows, and
objectives.
Release functionality incrementally,
as it is developed, tested and verified.
Validate functionality by
obtaining feedback from users and
stakeholders.   Is it really what the
users want and need?
for (int i = today; i  endOfTime; i++) {
goFurtherAndFaster(yesterday);
}
CYBER SYSTEMS
wilco@foxtrotdivision.us
http://foxtrotdivision.us
•  Systems Engineering  Technical
Assistance
•  Agile/DevOps Methodology  
•  Full System Development Life Cycle
Support
STANDARDS EXPERTISE
• Software Assurance Maturity Model
(SAMM)
• Capability Maturity Model Integrated
(CMMI)
• Project Mgmt Body of Knowledge (PMBOK)
• International Council on Systems
Engineering (INCOSE)
• National Institute of Standards 
Technology (NIST)
ENGINEERING
Basic to advanced
technical support for
all components of the
system.
SUPPORT
Establishing systems  to
maintain and disseminate
project knowledge and intel-
ligence; giving stakeholders
info they need, when they
need it.
KNOWLEDGE MGMT
Coordinating system deployments,
equipment movements, and prop-
erty mgmt.
LOGISTICS
Analysis and management
of requirements through-
out the life cycle.
REQUIREMENTS MGMT
Streamlined change and
version control for rapid
integration of changes.
CONFIGURATION MGMT
Automated verification
and regression testing.
TESTING  VERIFICATION
Agile development/integration of
system components focused on
delivering value early and often.
ENGINEERING
Continuous monitoring
of risks to project cost,
schedule, scope, and
performance.
RISK MGMT
Application of regulatory,
statutory, and organiza-
tional security requirements;
automated, continuous
compliance monitoring and
assessments.
CYBER SECURITY
The project is itself a system, composed of many moving parts...
hardware, software, people, processes, support systems.
Everything is connected. Everything matters.
REQUIREMENTS
MGMT
CONFIGURATION
MGMT
CYBERSECURITYRISKMGMT
ENGINEER
ING
TESTING 
VERIFICATION
LO
GISTICS
SUPPORTKNOWLEDGE
MGMT
PROJECT
MGMT
DEVOPS
deliver value ea
rlyoften
QUA
LITYASSURANCE verify delivered value meetsstan
dards
CYBER
SECURITY
wilco@foxtrotdivision.us
http://foxtrotdivision.us
DEFENDABLE
by design
•  Application Assurance
•  Automated Implementation,
Assessment, and Monitoring of
Security Controls
•  Risk Management Framework (RMF)
•  Full Security Life Cycle Support
We don’t check boxes.
We don’t shuffle paper.
We secure systems
and that includes people,
processes, and nuts-and-bolts
engineering.
Our risk-based approach focuses on a thorough technical understanding of the
system and its operating environment, its threats and vulnerabilities, and the
proper application of security controls based on risk tolerance.
MALICIOUS ACTORS
NATURAL DISASTERS
NON-MALICIOUS ACTORS
Individuals may inadvertently cause a
compromise by act or omission.
Hurricanes, tornadoes, lightning, and other
natural events.
Malicious actors with means, motive, and
opportunity.
Understand the SYSTEM.
First, we must understand the system by
identifying the types of information received,
processed, stored, and/or transmitted by each
component.
Personally Identifiable Information (PII)
Other Information Requiring Special Protection
Sources and Methods  Information (SAMI)
Health Information
Financial Information
SOFTWARE PEOPLE
HARDWARE
Emissions, HVAC/
power limitations, no
redundancy, lack of
port security...
Lack of training, social
engineering, human
error, improper use
of removable media...
Lack of input
validation, code
defects, lack of error
handling...
PROCESSES
Improper change
control, insufficient
testing, lack of patch
mgmt...
Understand the THREATS. Understand the VULNERABILITIES.
Apply the SECURITY LIFE CYCLE.
CATEGORIZE
SYSTEM
SELECT
SECURITY
CONTROLS
IMPLEMENT
SECURITY
CONTROLS
ASSESS
SECURITY
CONTROLS
AUTHORIZE
SYSTEM
MONITOR
SECURITY
CONTROLS
We leverage custom software and off-the-
shelf tools to rapidly implement, assess,
and monitor security controls.
wilco@foxtrotdivision.us
http://foxtrotdivision.us
•  Custom Workflow Automation  
•  Versatile team members doing more
with less
•  Using tools and collaboration to build
better systems, faster
DEVOPS
the revolution will be automated...
OPERATIONS
STAKEHOLDERS DEVELOPMENT
USERS
Fund it. Create it.
Use it.Maintain it.
PEOPLE PROCESSES
TOOLS
Our DevOps approach seeks to seamlessly integrate PEOPLE,
PROCESSES, and TOOLS to reliably deliver high quality systems, faster.
AUTOMATION SUPPORT SYSTEMS
AUTOMATED HARDENING
AUTOMATED
BUILD  INTEGRATION
HARDEN BUILD VERIFY DEPLOY
We create custom software to provide
secure system configurations in a
repeatable manner (that don’t brick
the box).
We use off-the-shelf software to
continuously build and integrate
changes into the system baseline.
AUTOMATED VERIFICATION
We create automated test cases to
verify new builds meet requirements,
and don’t break the baseline.
AUTOMATED DEPLOYMENT
We use centralized management
tools to push changes to production
systems.
D
EVELOP
BUILD
TESTVERIFY
QADEPLOY
OPERATE
real-time
collaboration 
a
wareness
Cen
tralizedDEVOPSt
ools
CONTINUOUSFEEDBACK
RAPID RESPONSE TO CHANGE
wilco@foxtrotdivision.us
http://foxtrotdivision.us
•  UX Designed for All Participants in the
System  
•  Structured Process to Implement
Effective UX
•  Continuous Feedback for Effective
Process Improvement
UX
user experience
Users matter most.
Period.
WHO WE ARE DESIGNING FOR
CONTENT NAVIGATION FUNCTION FORM
Will it help
me do my
job?
Will it be
easy to
use?
Will it be
available
when I
need it?
How often will
it need human
intervention?
Will it
integrate with
tools I already
use?
Will patches
be available
in a timely
manner?
Will it be
secure?
What business
metrics will be
available?
Will it add
value for
our users?
The Elements of User Experience (UX)
One of our first objectives
is to understand and
logically organize the
data and information
stakeholders need to
perform their mission.  
We design an effective
navigation structure to
ensure stakeholders can
find what they are looking
for quickly, easily, and in
a repeatable manner.
What must the system do?
We seek to understand
how each stakeholder will
use the system, and what
actions they need to take
to perform their mission.  
The appearance of each
component is designed
to be intuitive, add value,
and have logical meaning
with the context of the
larger system.
When designing a UX, we consider the wants, needs, and concerns of all participants
MAINTAINERS OWNERSUSERS
wilco@foxtrotdivision.us
http://foxtrotdivision.us
•  Custom Dashboards for Business
Analytics
•  Cyber Defense Watch Consoles
•  Real-time Project Status
•  Intelligence-Oriented Reporting
DATA  INFORMATION
VisualizationRevealing the intelligence
behind the data.
We use design to reveal the truth in data. The truth about what’s
happening now, what’s happened in the past, and what’s likely to
happen in the future.
G
NORMAL (G)
+/- 15% from goal
Y
CAUTION (Y)
+/- 16-31% from goal
O
WARNING (O)
+/- 32-50% from goal
R
CRITICAL
50% from goal
INTELLIGENCE-ORIENTED DESIGN
Our design focuses
on presenting the
most concise, factual
data to facilitate rapid
analysis and response
by stakeholders.
How is the
project
doing?
Botnet Activity
Subnet HR
IP: 192.168.10.2
 ACTIONS
What’s
happening
on the
network?
Custom dashboards and visualizations designed to help
our clients be great at what they do.
WARNING CRITICAL
REAL-TIME STATUS.
BASED ON REAL DATA.
RISK MATRIX
Highly Likely
Likely
Somewhat Likely
Unlikely
Highly Unlikely
LOW MODERATE HIGH
What are
the risks?
ScheduleG
CostO
ScopeY
PerformanceG

More Related Content

What's hot

Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
CMR WORLD TECH
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
Priyanka Aash
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
Ben Rothke
 
IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaS
Camilo Fandiño Gómez
 
What is Security Operations Centre? Types, Need and Benefits of SOC
What is Security Operations Centre? Types, Need and Benefits of SOCWhat is Security Operations Centre? Types, Need and Benefits of SOC
What is Security Operations Centre? Types, Need and Benefits of SOC
Patten John
 
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
Shah Sheikh
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
n|u - The Open Security Community
 
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare ☁
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best Practice
David Ochel
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path Forward
EMC
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0Rasmi Swain
 
Got SIEM? Now what? Getting SIEM Work For You
Got SIEM? Now what? Getting SIEM Work For YouGot SIEM? Now what? Getting SIEM Work For You
Got SIEM? Now what? Getting SIEM Work For You
Anton Chuvakin
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2
newbie2019
 
System of security controls
System of security controlsSystem of security controls
System of security controls
S.E. CTS CERT-GOV-MD
 
2012-12-12 Seminar McAfee ESM
2012-12-12 Seminar McAfee ESM2012-12-12 Seminar McAfee ESM
2012-12-12 Seminar McAfee ESM
Pinewood
 

What's hot (20)

Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaS
 
What is Security Operations Centre? Types, Need and Benefits of SOC
What is Security Operations Centre? Types, Need and Benefits of SOCWhat is Security Operations Centre? Types, Need and Benefits of SOC
What is Security Operations Centre? Types, Need and Benefits of SOC
 
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
 
Axxera ci siem
Axxera ci siemAxxera ci siem
Axxera ci siem
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
 
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best Practice
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path Forward
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
 
Got SIEM? Now what? Getting SIEM Work For You
Got SIEM? Now what? Getting SIEM Work For YouGot SIEM? Now what? Getting SIEM Work For You
Got SIEM? Now what? Getting SIEM Work For You
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2
 
System of security controls
System of security controlsSystem of security controls
System of security controls
 
2012-12-12 Seminar McAfee ESM
2012-12-12 Seminar McAfee ESM2012-12-12 Seminar McAfee ESM
2012-12-12 Seminar McAfee ESM
 

Viewers also liked

艺术品、展品航空运...PDF
艺术品、展品航空运...PDF艺术品、展品航空运...PDF
艺术品、展品航空运...PDFJoe Yang
 
[스타워즈1]시리즈순서
[스타워즈1]시리즈순서[스타워즈1]시리즈순서
[스타워즈1]시리즈순서
MinJin Yang
 
Anwesha_TEKsystems_regular
Anwesha_TEKsystems_regularAnwesha_TEKsystems_regular
Anwesha_TEKsystems_regularAnwesha Pahi
 
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]Debdatta Bakshi
 
Кузяева Эльвира Николаевна
Кузяева Эльвира НиколаевнаКузяева Эльвира Николаевна
Кузяева Эльвира Николаевна
school135
 
eCommerce and Your Business in 2020
eCommerce and Your Business in 2020eCommerce and Your Business in 2020
eCommerce and Your Business in 2020
Linnworks
 
Cmp2015 ritsumei takeda
Cmp2015 ritsumei takedaCmp2015 ritsumei takeda
Cmp2015 ritsumei takeda
Shiro Takeda
 
151110 electronic catalog_Echo-of-Geometry
151110 electronic catalog_Echo-of-Geometry151110 electronic catalog_Echo-of-Geometry
151110 electronic catalog_Echo-of-GeometryKyung-Lim Turrell
 
Tecnicas basicas de Diseño de Presa de Tierra
Tecnicas basicas de Diseño de Presa de TierraTecnicas basicas de Diseño de Presa de Tierra
Tecnicas basicas de Diseño de Presa de Tierra
JOHNNY JARA RAMOS
 
Distilleries company of Sri Lanka (DCSL)
Distilleries company of Sri Lanka (DCSL)Distilleries company of Sri Lanka (DCSL)
Distilleries company of Sri Lanka (DCSL)
thiwanka96
 
Perforacion Diamandina y toma de Muestras
Perforacion Diamandina y toma de MuestrasPerforacion Diamandina y toma de Muestras
Perforacion Diamandina y toma de Muestras
JOHNNY JARA RAMOS
 
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khlForum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
Gunawan Wicaksono
 
Finger wart removal
Finger wart removalFinger wart removal
Finger wart removal
danneeledge
 
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
Brasscom
 
Apache SystemML 2016 Summer class primer by Berthold Reinwald
Apache SystemML 2016 Summer class primer by Berthold ReinwaldApache SystemML 2016 Summer class primer by Berthold Reinwald
Apache SystemML 2016 Summer class primer by Berthold Reinwald
Arvind Surve
 

Viewers also liked (18)

Social Media
Social MediaSocial Media
Social Media
 
艺术品、展品航空运...PDF
艺术品、展品航空运...PDF艺术品、展品航空运...PDF
艺术品、展品航空运...PDF
 
[스타워즈1]시리즈순서
[스타워즈1]시리즈순서[스타워즈1]시리즈순서
[스타워즈1]시리즈순서
 
Anwesha_TEKsystems_regular
Anwesha_TEKsystems_regularAnwesha_TEKsystems_regular
Anwesha_TEKsystems_regular
 
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]
Debdatta_Bakshi_Supply_Chain_Management_4yrs[1]
 
Peak.S.GS330
Peak.S.GS330Peak.S.GS330
Peak.S.GS330
 
Cpl- A Practical Guide to Coming Home
Cpl- A Practical Guide to Coming HomeCpl- A Practical Guide to Coming Home
Cpl- A Practical Guide to Coming Home
 
Кузяева Эльвира Николаевна
Кузяева Эльвира НиколаевнаКузяева Эльвира Николаевна
Кузяева Эльвира Николаевна
 
eCommerce and Your Business in 2020
eCommerce and Your Business in 2020eCommerce and Your Business in 2020
eCommerce and Your Business in 2020
 
Cmp2015 ritsumei takeda
Cmp2015 ritsumei takedaCmp2015 ritsumei takeda
Cmp2015 ritsumei takeda
 
151110 electronic catalog_Echo-of-Geometry
151110 electronic catalog_Echo-of-Geometry151110 electronic catalog_Echo-of-Geometry
151110 electronic catalog_Echo-of-Geometry
 
Tecnicas basicas de Diseño de Presa de Tierra
Tecnicas basicas de Diseño de Presa de TierraTecnicas basicas de Diseño de Presa de Tierra
Tecnicas basicas de Diseño de Presa de Tierra
 
Distilleries company of Sri Lanka (DCSL)
Distilleries company of Sri Lanka (DCSL)Distilleries company of Sri Lanka (DCSL)
Distilleries company of Sri Lanka (DCSL)
 
Perforacion Diamandina y toma de Muestras
Perforacion Diamandina y toma de MuestrasPerforacion Diamandina y toma de Muestras
Perforacion Diamandina y toma de Muestras
 
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khlForum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
Forum SDM Bali - Struktur KHL Permen 21 2016 ttg khl
 
Finger wart removal
Finger wart removalFinger wart removal
Finger wart removal
 
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
Manifestação pelo Veto Parcial do Projeto de Lei de Reforma da Lei Complement...
 
Apache SystemML 2016 Summer class primer by Berthold Reinwald
Apache SystemML 2016 Summer class primer by Berthold ReinwaldApache SystemML 2016 Summer class primer by Berthold Reinwald
Apache SystemML 2016 Summer class primer by Berthold Reinwald
 

Similar to Foxtrot Division Capabilities Collection

Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
Devaraj Sl
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
Mohd Anwar Jamal Faiz
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0
Trupti Shiralkar, CISSP
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
IS Decisions
 
Cyber security applied to embedded systems
Cyber security applied to embedded systemsCyber security applied to embedded systems
Cyber security applied to embedded systems
Tonex
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
Techdemocracy
 
Managing Compliance
Managing ComplianceManaging Compliance
Managing Compliance
SecPod Technologies
 
SecOps.pdf
SecOps.pdfSecOps.pdf
SecOps.pdf
Aelum Consulting
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
 
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptxCompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
Infosectrain3
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
Infopulse
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
Mark Nunnikhoven
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
Sumana Mehta
 
Servicenow it management tools
Servicenow it management toolsServicenow it management tools
Servicenow it management tools
veeracynixit
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
SolarWinds
 
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesPartnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
Sutedjo Tjahjadi
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on Cloud
Tu Pham
 
Sumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefSumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefManish Kalra
 
2015 AUG 24-Overview Version #2
2015 AUG 24-Overview Version #22015 AUG 24-Overview Version #2
2015 AUG 24-Overview Version #2Harriet Schneider
 

Similar to Foxtrot Division Capabilities Collection (20)

Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Company_Profile_Updated_17032016
Company_Profile_Updated_17032016
 
Cyber security applied to embedded systems
Cyber security applied to embedded systemsCyber security applied to embedded systems
Cyber security applied to embedded systems
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
Managing Compliance
Managing ComplianceManaging Compliance
Managing Compliance
 
SecOps.pdf
SecOps.pdfSecOps.pdf
SecOps.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptxCompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Servicenow it management tools
Servicenow it management toolsServicenow it management tools
Servicenow it management tools
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
 
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesPartnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on Cloud
 
Sumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefSumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions Brief
 
2015 AUG 24-Overview Version #2
2015 AUG 24-Overview Version #22015 AUG 24-Overview Version #2
2015 AUG 24-Overview Version #2
 

Recently uploaded

Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Shahin Sheidaei
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Yara Milbes
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
e20449
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
Ortus Solutions, Corp
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
Understanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSageUnderstanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSage
Globus
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
Paco van Beckhoven
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Mind IT Systems
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 

Recently uploaded (20)

Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
Understanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSageUnderstanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSage
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 

Foxtrot Division Capabilities Collection

  • 1. this is not business-as-usual this is rock-and-roll capabilities collection what we do CONTACT US! What’s your MISSION? SOFTWARE ENGINEERING CYBER SYSTEMS ENGINEERING CYBER SECURITY DEVOPS USER EXPERIENCE (UX) DATA INFORMATION VISUALIZATION 1. 2. 3. 5. 6. 4. we create secure systems that deliver a brilliant user experience and help our clients be great at what they do. wilco@foxtrotdivision.us
  • 2. software engineering wilco@foxtrotdivision.us http://foxtrotdivision.us • DevOps Methodology • Application Assurance • User Experience (UX) • Defensive Coding • Open Source Software Support STANDARDS EXPERTISE • Software Assurance Maturity Model (SAMM) • Capability Maturity Model Integrated (CMMI) AUTOMATION We provide custom software to automate the routine and streamline workflows, allowing teams to spend more time on value-added activities. INTEROPERABILITY We create the “glue” that allows multiple heterogeneous systems to communicate with each other, maximizing IT investment value. MISSION SUPPORT We create custom software that helps our clients accomplish their mission, from cyber defense analytics to logistics and property management. Writing code is our passion. Creating secure systems that function as intended and deliver a brilliant user experience is our purpose. Delivering value Early and Often Organize requirements into functional stories with short development times. Bake in security along the way. Refine concepts into verifiable requirements. Plan User Experience (UX) by understanding users, workflows, and objectives. Release functionality incrementally, as it is developed, tested and verified. Validate functionality by obtaining feedback from users and stakeholders. Is it really what the users want and need? for (int i = today; i endOfTime; i++) { goFurtherAndFaster(yesterday); }
  • 3. CYBER SYSTEMS wilco@foxtrotdivision.us http://foxtrotdivision.us • Systems Engineering Technical Assistance • Agile/DevOps Methodology • Full System Development Life Cycle Support STANDARDS EXPERTISE • Software Assurance Maturity Model (SAMM) • Capability Maturity Model Integrated (CMMI) • Project Mgmt Body of Knowledge (PMBOK) • International Council on Systems Engineering (INCOSE) • National Institute of Standards Technology (NIST) ENGINEERING Basic to advanced technical support for all components of the system. SUPPORT Establishing systems to maintain and disseminate project knowledge and intel- ligence; giving stakeholders info they need, when they need it. KNOWLEDGE MGMT Coordinating system deployments, equipment movements, and prop- erty mgmt. LOGISTICS Analysis and management of requirements through- out the life cycle. REQUIREMENTS MGMT Streamlined change and version control for rapid integration of changes. CONFIGURATION MGMT Automated verification and regression testing. TESTING VERIFICATION Agile development/integration of system components focused on delivering value early and often. ENGINEERING Continuous monitoring of risks to project cost, schedule, scope, and performance. RISK MGMT Application of regulatory, statutory, and organiza- tional security requirements; automated, continuous compliance monitoring and assessments. CYBER SECURITY The project is itself a system, composed of many moving parts... hardware, software, people, processes, support systems. Everything is connected. Everything matters. REQUIREMENTS MGMT CONFIGURATION MGMT CYBERSECURITYRISKMGMT ENGINEER ING TESTING VERIFICATION LO GISTICS SUPPORTKNOWLEDGE MGMT PROJECT MGMT DEVOPS deliver value ea rlyoften QUA LITYASSURANCE verify delivered value meetsstan dards
  • 4. CYBER SECURITY wilco@foxtrotdivision.us http://foxtrotdivision.us DEFENDABLE by design • Application Assurance • Automated Implementation, Assessment, and Monitoring of Security Controls • Risk Management Framework (RMF) • Full Security Life Cycle Support We don’t check boxes. We don’t shuffle paper. We secure systems and that includes people, processes, and nuts-and-bolts engineering. Our risk-based approach focuses on a thorough technical understanding of the system and its operating environment, its threats and vulnerabilities, and the proper application of security controls based on risk tolerance. MALICIOUS ACTORS NATURAL DISASTERS NON-MALICIOUS ACTORS Individuals may inadvertently cause a compromise by act or omission. Hurricanes, tornadoes, lightning, and other natural events. Malicious actors with means, motive, and opportunity. Understand the SYSTEM. First, we must understand the system by identifying the types of information received, processed, stored, and/or transmitted by each component. Personally Identifiable Information (PII) Other Information Requiring Special Protection Sources and Methods Information (SAMI) Health Information Financial Information SOFTWARE PEOPLE HARDWARE Emissions, HVAC/ power limitations, no redundancy, lack of port security... Lack of training, social engineering, human error, improper use of removable media... Lack of input validation, code defects, lack of error handling... PROCESSES Improper change control, insufficient testing, lack of patch mgmt... Understand the THREATS. Understand the VULNERABILITIES. Apply the SECURITY LIFE CYCLE. CATEGORIZE SYSTEM SELECT SECURITY CONTROLS IMPLEMENT SECURITY CONTROLS ASSESS SECURITY CONTROLS AUTHORIZE SYSTEM MONITOR SECURITY CONTROLS We leverage custom software and off-the- shelf tools to rapidly implement, assess, and monitor security controls.
  • 5. wilco@foxtrotdivision.us http://foxtrotdivision.us • Custom Workflow Automation • Versatile team members doing more with less • Using tools and collaboration to build better systems, faster DEVOPS the revolution will be automated... OPERATIONS STAKEHOLDERS DEVELOPMENT USERS Fund it. Create it. Use it.Maintain it. PEOPLE PROCESSES TOOLS Our DevOps approach seeks to seamlessly integrate PEOPLE, PROCESSES, and TOOLS to reliably deliver high quality systems, faster. AUTOMATION SUPPORT SYSTEMS AUTOMATED HARDENING AUTOMATED BUILD INTEGRATION HARDEN BUILD VERIFY DEPLOY We create custom software to provide secure system configurations in a repeatable manner (that don’t brick the box). We use off-the-shelf software to continuously build and integrate changes into the system baseline. AUTOMATED VERIFICATION We create automated test cases to verify new builds meet requirements, and don’t break the baseline. AUTOMATED DEPLOYMENT We use centralized management tools to push changes to production systems. D EVELOP BUILD TESTVERIFY QADEPLOY OPERATE real-time collaboration a wareness Cen tralizedDEVOPSt ools CONTINUOUSFEEDBACK RAPID RESPONSE TO CHANGE
  • 6. wilco@foxtrotdivision.us http://foxtrotdivision.us • UX Designed for All Participants in the System • Structured Process to Implement Effective UX • Continuous Feedback for Effective Process Improvement UX user experience Users matter most. Period. WHO WE ARE DESIGNING FOR CONTENT NAVIGATION FUNCTION FORM Will it help me do my job? Will it be easy to use? Will it be available when I need it? How often will it need human intervention? Will it integrate with tools I already use? Will patches be available in a timely manner? Will it be secure? What business metrics will be available? Will it add value for our users? The Elements of User Experience (UX) One of our first objectives is to understand and logically organize the data and information stakeholders need to perform their mission. We design an effective navigation structure to ensure stakeholders can find what they are looking for quickly, easily, and in a repeatable manner. What must the system do? We seek to understand how each stakeholder will use the system, and what actions they need to take to perform their mission. The appearance of each component is designed to be intuitive, add value, and have logical meaning with the context of the larger system. When designing a UX, we consider the wants, needs, and concerns of all participants MAINTAINERS OWNERSUSERS
  • 7. wilco@foxtrotdivision.us http://foxtrotdivision.us • Custom Dashboards for Business Analytics • Cyber Defense Watch Consoles • Real-time Project Status • Intelligence-Oriented Reporting DATA INFORMATION VisualizationRevealing the intelligence behind the data. We use design to reveal the truth in data. The truth about what’s happening now, what’s happened in the past, and what’s likely to happen in the future. G NORMAL (G) +/- 15% from goal Y CAUTION (Y) +/- 16-31% from goal O WARNING (O) +/- 32-50% from goal R CRITICAL 50% from goal INTELLIGENCE-ORIENTED DESIGN Our design focuses on presenting the most concise, factual data to facilitate rapid analysis and response by stakeholders. How is the project doing? Botnet Activity Subnet HR IP: 192.168.10.2 ACTIONS What’s happening on the network? Custom dashboards and visualizations designed to help our clients be great at what they do. WARNING CRITICAL REAL-TIME STATUS. BASED ON REAL DATA. RISK MATRIX Highly Likely Likely Somewhat Likely Unlikely Highly Unlikely LOW MODERATE HIGH What are the risks? ScheduleG CostO ScopeY PerformanceG