DISA News Banner

NETWORK DEFENSE

PRINT PAGE Add This

DISA provides Network Defense capabilities including features needed to ensure warfighter success through secure networks.

STANDARD FEATURES


  • Network Security Monitoring & Incident Reporting & Attack, Sensing, and Warning (AS&W) – Service provided to CNDSP subscribers which utilizes an incident reporting system for complete and meaningful incident report recording and rapid distribution to DoD channels and law enforcement/intelligence communities.
  • Incident Response and Recovery Team (IRRT) – Deployable emergency response team designed to assist sites in locating and recovering from network intrusions.
  • System Architecture, Analysis and Testing (SAAT) – Test the security and stability of the associated program using a variety of techniques.  
  • Malware Analysis – Reverse engineering of malware to determine the functionality of the software and to identify artifacts that can be utilized to locate additional infections.
  • Media Analysis – Analysis performed on system media to identify attack vectors, tools used, exploited software, and increase detection ability on networks and hosts.
  • Trends Analysis – Detailed analysis of IA/CND data from varying sources, to include compliance and intrusion data to identify and analyze trends, creating value-added products and reports for the enhancement of IA/CND policies, technologies, tactics, and training products.                              
  • CNDSP Exercise Support – Provides critical IA-based exercise support in various theater and global exercises.
  • Red Teaming – The Red Team is a focused, threat-based operation by an interdisciplinary, simulated adversary to expose and exploit vulnerabilities as a means to develop recommendations for the improvement of the security posture and operational CND capabilities and procedures utilized to protect networks and systems.
  • Penetration Testing – Involves approaches to vulnerability identification, enumeration, and attempted exploitation to determine the value and effectiveness of a network, system, or application's security configuration. Penetration testing is coordinated and conducted primarily in the open in accordance with a signed authorization by the system owner.
  • Vulnerability Assessment, Analysis & Trending – Vulnerability Assessment, Analysis, and Trending is conducted at the request of network owners in support of, or in augmentation to, the partner’s internal, DoD mandated vulnerability scanning and assessment actions.
  • Non-materials Solutions Development – The rapid development of tactical capabilities in response to an emerging threat.
  • IA Training Program Support – Provides hands-on technical assessment training for networks, operating systems and applications.
  • CNDSP Subscriber Services Support – Options for all or partial CNDSP Tier 2 services (Protect, Detect, Respond and Sustain)
  • Sensor Implementation – The fielding and implementation of CND technologies into the operational environment in support of Tier 2 and 3 CNDSP.
  • Sensor Configuration Management – Configuration and baseline support for managed sensors.
  • Sensor CONOPs/TTP Development – Development of CONOPs for sensor solutions and supporting TTPs.
  • Sensor Trouble Desk Escalation – Trouble shooting assistance for sensor issues that surface from the sensor grid.