Security Solutions

Intelligent Questions. Intelligent Answers.

An Integrated Approach to Building a Healthy Security Environment

In a data-driven, highly distributed world, more and more of our clients are asking for a strategic approach to reinforcing their defenses. Organizations face an ever-changing threat landscape while dealing with a security skills shortage, both factors that affect the ability to keep users productive and the organization and data safe.

If you’re ready to transform your cybersecurity posture, CAS Severn can help you plan, build, and run an integrated and proactive strategy that will protect, detect, prioritize, respond, address, and control security breaches. The team of highly experienced professionals has successfully implemented security solutions for organizations of all sizes, including education, healthcare, and state and federal government.

SECURITY ASSESSMENT AND CONSULTING SERVICES

CAS Severn can help you design an integrated framework with security management solutions, systems integration and managed services to protect every aspect of your organization.
  • CAS Severn Security Assessment: an assessment methodology, based on Industry Standard best practices, that analyzes people, processes, and IT systems and provides a roadmap designed to identify, prioritize, address, and prevent security breaches. 
  • Security Strategy, Risk and Compliance: Automating Governance, Risk and Compliance (GRC) programs.
  • Network, Mobile and Endpoint Security: Redefining infrastructure and endpoint solutions with secure software-defined networks.
  • Security Intelligence and Operations: Building and managing security operations and security fusion centers.
  • Identity and Access Management: Modernizing Identity and Access Management (IAM) for the cloud and mobile era.
  • Data and Application Security: Deploying robust critical data protection programs and establishing application security throughout the lifecycle.

NETWORK MANAGMENT

Organizations require the ability to effectively manage risk, take immediate action when a new exploit is detected, and they need to proactively block against the riskiest threats before they are exploited. We enable our clients to detect and prevent network intrusions and exploits, obtain a complete picture of all network activity, and perform advanced forensic analyses.

QRadar Incident Forensics captures, stores and indexes network packets, making them fully searchable and reconstructing captured packets into the original source format. This can be used for cyber forensic analyses, supporting investigations into breaches and insider attacks and providing data in a format acceptable by law enforcement and courts of law.

QRadar Network Insights enables attack prediction through real-time network traffic analysis. QRadar Network Insights analyzes network data in real-time to uncover an attacker’s footprints and expose hidden security threats in many scenarios before they can damage your organization, including: phishing e-mails, malware, data exfiltration, lateral movement, DNS and other application abuse, and compliance gaps.

Innovation Center Network Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo IPS/XGS, Forescout, QRadar Vulnerably Manager and QRadar Log Manager.

Forescout Network Access Control (NAC), an approach that unifies endpoint security technology (i.e. antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.

  • Identify managed and unmanaged devices.
  • Guard against targeted threats.
  • Address endpoint compliance issues.

 

ForeScout Technologies Named a Representative Vendor in Gartner’s 2016 Market Guide for Network Access Control (NAC)

SECURITY INTELLIGENCE AND EVENT MANAGEMENT (SIEM)

IBM QRadar

The most intelligent, integrated and automated SIEM system in the industry, and Gartner’s 2016 Magic Quadrant for SIEM, provides value before, during and after an attack because it incorporates behavior and context. This means better security profiling, advanced detection and complete forensics.

IBM QRadar leverages the threat intelligence expertise of the IBM X-Force dynamic database to provide a preemptive approach to security with early threat detection, forensic analysis, log management, and vulnerability management.  

Six ways that QRadar helps protect assets and information from advanced threats.

  1. Provides real-time visibility to the entire IT infrastructure for threat detection and prioritization.
  2. Reduces and prioritizes alerts to focus security analyst investigations on an actionable list of suspected, high probability incidents.
  3. Enables more effective threat management while producing detailed data access and user activity reports.
  4. Operates across on-premises and cloud environments.
  5. Produces detailed data access and user activity reports to help manage compliance.
  6. Offers multi-tenancy and a master console to help managed service providers provide security intelligence solutions in a cost-effective manner.

Innovation Center SIEM Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo QRadar SIEM, Log Manager, Vulnerability Manager, Risk Manager, and Incident Forensics.

Splunk

Named a Leader in 2016 Gartner Magic Quadrant for SIEM for the fourth straight year, Splunk Solutions transform machine-generated data into valuable insights that can help make your business more productive, profitable and secure. It’s the easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure—physical, virtual and in the cloud.

The leading platform for real-time operational intelligence, you can troubleshoot application problems and investigate security incidents in minutes instead of hours or days, avoid service degradation or outages, deliver compliance at lower cost and gain new business insights.

More than 12,000 customers in 110 countries are using Splunk to be more productive, profitable, competitive and secure.

CAS Severn delivers the comprehensive Splunk Solutions portfolio:

  • Application Delivery
  • Big Data
  • Business Analytics
  • Cloud Solutions
  • Internet of Things
  • IT Operations Management
  • Log Management
  • Security and Fraud

Learn more about CAS Severn’s Security-as-a-Service: QRadar Managed Services  

DATA SECURITY

CAS Severn helps clients safeguard critical data wherever it resides, across a full range of environments – from databases to big data, cloud, file systems and more with a step-by-step, holistic strategy to data security and governance using IBM Security Guardium and Key Lifecycle Manager.

IBM Security Guardium is a comprehensive data security platform that provides a full range of capabilities – from discovery and classification of sensitive data to vulnerability assessment to data and file activity monitoring to masking, encryption, blocking, alerting and quarantining to protect sensitive data.

  • Discovery and classification of sensitive data
  • Vulnerability assessment
  • Data and file activity monitoring
  • Masking, encryption, blocking, alerting and quarantining

IBM Security Key Lifecycle Manager—formerly Tivoli Key Lifecycle Manager—centralizes, simplifies and automates the encryption key management process to help minimize risk and reduce operational costs of encryption key management. It offers secure and robust key storage, key serving and key lifecycle management for IBM and non-IBM storage solutions using the OASIS Key Management Interoperability Protocol (KMIP).

IBM Security Key Lifecycle Manager helps customers meet regulations and standards such as the Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley and the Health Insurance Portability and Accountability Act (HIPAA) by providing centralized control and management of encryption keys.

CAS Innovation Center Data Security Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo IBM Guardium Suite and LifeCycle.

IDENTITY AND ACCESS MANAGEMENT (IAM)

Managing identities and access privileges is at the heart of solving any security issue. IBM’s Identity Governance and Access (IAM) products and services help customers define their identity governance strategy, centralize identity management, and reduce cost associated with user provisioning and access management. IAM products also audit, monitor and report on user compliance with acceptable use policy.

  • Automated access certification improves audit performance and reduces the cost of compliance.
  • Self-service access lets users request and manage access with automatic policy enforcement.
  • Password management allows users to independently reset and change passwords, while enforcing strong password policy.
  • Identity intelligence highlights business- relevant information in easy-to-understand dashboards, reports, and advanced analytics.
  • Automated provisioning streamlines access changes based on user requests or detected user events.
  • Provide evidence for increased investments in security personnel and technology.

Identity Manager enables organizations to drive effective identity management and governance across the enterprise for improved security and compliance. Now available as a virtual appliance, clients can automate the creation, modification, recertification and termination of identities throughout the user lifecycle.

Identity Governance and Intelligence helps customers maintain strong control over user access to applications and carefully monitor how the entitlements align with business roles and responsibilities. Governance platform centralizes identity data and leverages one model for policy, risk, and roles across all IAM processes.

Privileged Identity Manager provides a single integrated product that helps thwart insider threats by protecting and tracking the use of user credentials with elevated access privileges.

Federated Identity Manager provides web and federated single sign-on (SSO) to users throughout multiple applications. It uses federated SSO for security-rich information sharing for private, public and hybrid cloud deployments. Now you can enable security-rich business collaboration in the cloud. Federated identity management (FIM) allows subscribers across multiple enterprises can use the same identification data to obtain access to the networks of all enterprises in the group.

Security Access Manager allows organizations to take back control of their access management system with a single integrated platform that manages access across many common scenarios.

Second and Mulit-factor Authentication raises the level of assurance of your mission-critical systems with a flexible and tightly integrated multi-factor authentication solution.

Enterprise Single Sign-on is a simple and flexible access management solution that combines convenient single sign-on with session management and user tracking/audit capabilities. The product simplifies password management, supports a variety of strong authentication devices, and helps secure kiosks and shared workstations. It allows users to sign on to the enterprise network from anywhere with one password with secure access to all applications.

Innovation Center Network Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo ISIM, ISAM, PIM, and TFIM.

APPLICATON SECURITY

Static and dynamic application security testing throughout the application lifecycle provides preemptive protection for mobile and web-based applications.

  • Enhance web application security and mobile application security.
  • Improve application security program management
  • Strengthen regulatory compliance

By scanning your web and mobile applications prior to deployment, CAS Severn can help you to identify security vulnerabilities, and generate reports and fix recommendations.

Innovation Center Application Security Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo IBM App Scan.

MOBILE MANAGEMENT

The fast pace of change in mobile brings new complexities and challenges to manage. Mobility truly connects everyone to everything, and provides certain expectations. Mobile users have varying work styles, want a native experience and have concerns about privacy. From the data center, to the cloud, devices and apps, data is moving between them all. Apps are being developed and introduced at a rapid pace and with limited security best practices. Malware is becoming more prevalent and growing in frequency on mobile. CAS Severn can help you address these challenges with mobile security and management solutions.

MaaS360 is a comprehensive Enterprise Mobility Management (EMM) platform that enables apps and content with trust on any device anytime, anywhere, by delivering mobile security for the way people work.

Innovation Center Network Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo MaaS360. 

ENDPOINT SECURITY AND MANAGEMENT

Scalable and comprehensive solutions for today’s distributed networks

If your organization is like most, you have a diverse mix of endpoints, desktops, laptops, servers, point-of-sale devices and more, connecting to your corporate network. Only a handful of these endpoints run on the same platform. We see many organizations with multiple point solutions performing different tasks on different devices, like asset discovery, patching, software usage and OS deployment.

CAS Severn can help you secure your organization’s endpoints from laptops, desktops and servers to point-of-sale devices, ATMs and kiosks, including 90+ platforms and operating systems.

CAS Severn’s CyberSecurity experts can work with you to architect a comprehensive endpoint security solution to detect and stop advanced threats before damage is caused. We work with clients on their site, on our site, or even a third party site — whatever works best for the client. And, with our central location in Laurel, Maryland, we can easily be onsite quickly and easily for a five-state area, without needing to schedule and fly in technical teams.

We are constantly exploring and evaluating new solutions in the marketplace in order to expand our portfolio of best-in-class solutions. That’s why we recommend IBM BigFix for clients looking for a highly scalable endpoint security management platform.

LEARN MORE WITH THESE RESOURCES

CAS Severn Patch Management Video 

Webinar Replay: Why So Many Endpoint Management Approaches Fail – Chris Lumpkin, CAS Senior Solutions Architect

Learn more about CAS Severn’s Security-as-a-Service: Patch Management. 

Innovation Center Endpoint Demonstrations: CAS Severn has developed an integrated demonstration of multiple security products working in tandem in a live environment that mirror a typical organization’s environment. The security platform is anchored by the QRadar SIEM tool set. The CAS CyberSecurity experts can demo BigFix (Compliance, Inventory, Core Protection, LifeCycle, Maas360) and Carbon Black.

CARBON BLACK AND BIGFIX INTEGRATION

Addressing endpoint vulnerabilities is a major challenge for businesses, often compounded by a lack of visibility into which devices are being actively exploited.

According to Gartner, 99 percent of vulnerabilities exploited are ones that professionals have known about for a year, but have lacked the solutions to address.

IBM and Carbon Black have partnered to design a new integrated offering, which links Carbon Black’s endpoint activity data with public Common Vulnerabilities and Exposures (CVE) databases to deliver a prioritized list of actively exploited vulnerabilities that’s tailored to each organization.

Combining IBM BigFix and Carbon Black lets security professionals identify and patch the endpoint exploits that are most threatening to their particular organizations. This process increases enterprise-wide visibility and speeds response time.

The integration also uses IBM QRadar which, together with BigFix, provides threat prioritization of vulnerabilities at network level. The most urgent alerts can now be escalated to security professionals for immediately attention, delivering the most comprehensive threat-based patching and fix solution.

The IBM BigFix and Carbon Black integration allows administrators to deploy a full endpoint security solution to detect, contain, investigate, and remediate security threats and attacks on endpoints across the enterprise. The following sections provide useful information and links to the resources available for the solution.

PENETRATION TESTING

We can help you find vulnerabilities by testing computer systems, networks or Web applications to:

  • Determine feasibility of attack vectors.
  • Identify high-risk vulnerabilities.
  • Identify vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software.
  • Assess the potential of business and operational impacts of successful attacks.
  • Test the ability of your network to detect and respond.

CAS SEVERN COMPLIANCE EXPERTISE

We understand what compliance means for your business. Our team of experts are well versed on the following:

  • COBiT: Control Objectives for Information and related Technology
  • CIS: Center for Internet Security
  • DISA: Defense Information Security Agency
  • DOD 8500.X: Department of Defense
  • FISMA: Federal Information Security Management Act
  • HIPAA: Health Insurance Portability and Accountability Act
  • HIPAA HITECH: Health Information Technology for Economic and Clinical Health
  • ISO: International Standard Organization 2700X
  • ITIL: IT Infrastructure Library
  • NIST: National Institute of Standard 800-53
  • PCI: Payment Card Industry
  • SSAE 16 (SAS70): Statement Standards for Attestation Engagements
  • SOX: Sarbanes Oxley
  • TOGAF: The Open Group Architecture Framework

Have a specific question or project you’d like to discuss with an expert? Send us a note or just give us a call at 800.252.4715.