SBIR-STTR Award

Current network monitoring systems and auditing methods are limited in their ability to present enough information simultaneously necessary for human analysts to gain network situational awareness. Some known limiting factors: • Existing two-dimensional, spreadsheet format, user Interfaces with scroll bars severely limit the amount of information that can be displayed. • Analysts must construct a mental model of the environment they are investigating based on their knowledge and experience by slowly consuming information via legacy 2D methods. • Existing security monitoring systems require manual correlation mapping of security event data between multiple systems in order to present relevant information simultaneously. Ingalls Viewpoint is designed to solve these problems by: • Identifying geospatial, temporal, and contextual connection between data that allows quick identification of emerging threats and user patterns • An effective, common model of the network environment that provides proper context for security events and structured intelligence • Information from security data that is automatically correlated through visual overlay of specific security event data on top of computers and connections in the environment Ingalls Viewpoint satisfies the issues raised by AF User Need ID: 3092; 3442. The approach is innovative and has the potential for commercialization.

AF Simulator’s Division has a national defense-related mission in the area of cybersecurity for use with the AFCreate/MOTAR Platform. Specifically, AFLCMC/WNS needs a Lightweight Simulator Ecosystem (LSE) Cyber Security Assurance Readiness (CSAR) process that supports DevSecOps activities and continuous cyber security authorization. Ingalls CSAR process is an agile, continuous delivery approach for developing, evaluating, and assessing cyber security approvable concepts and processes supporting LSE assets to rapidly deploy and continuously authorize assets into, and removal from, secure environments.    Ingalls CSAR proposed process builds on the existing containerized, development approach within AFCreate/MOTAR Portal that allows and encourages vendors to participate and contribute toward a common cyber assurance methodology supporting LSE. In addition, CSAR meets AF Simulators Division’s Simulator Common Architecture Requirements and Standards (SCARS) umbrella initiative and Strategic Agility! CSAR process has three levels of assessments. Level 1, focusing on Staging environment type of hardware, software, and products, is promoted into an ATO production environment once Level 2 is completed, ultimately landing in Level 3 for continuous authorization. Compliance assessment levels increase when certain projects inherit approved cloud controls and configuration best practices. CSAR proposal process displays in the AFCreate Admin Portal existing dashboard metrics providing users with indicators and awareness of status, tasks to be completed, and playbook of security control baseline standards.  CSAR proposed process provides the LSE ecosystem with a Roadmap and Playbooks for successful cyber implementation that comply with NIST RMF, DFARS 7012, and CMMC Practices helping to accelerate technology innovation for LSE ecosystem.