Is your team ready for next-generation security challenges?
SAIC employs active security controls that combine discovery, threat intelligence, off-the-shelf software, and internally developed threat detection capabilities to protect your network against known dangers. Plus, you can continuously monitor for signs of emerging threats.
Our services include:
- A security portal with customizable views to provide situational awareness into security operations.
- Security and risk assessment reports that identify weaknesses within your network infrastructure.
- Penetration testing to demonstrate the effectiveness of your security measures.
- Information assurance and certification to identify anomalous activity and potential threats to network resources and data sources.
High-Scoring Security Improvement
With SAIC’s oversight, the Defense Readiness Reporting System for the Marine Corps (DRRS-MC) overcame vulnerabilities and scored a 97% on the 2013 Annual Security Review.
Reduce the Costs of Robust Cybersecurity Measures.
If your organization is a government agency, diverse multinational corporation, or small business, SAIC can help manage and protect IT assets and sensitive data without the cost of an in-house network security organization.
Experience a Smooth Transition from Internal to External Security Teams.
SAIC provides a detailed technical interchange during setup and transition designed to transfer institutional knowledge to the operations team and provide a basis for ongoing collaboration. During the interchange process, we identify, define, and document the attributes required to develop a concept of operations and specific operating procedures to be carried out by our staff.
Develop a Security Roadmap Unique to Your Organization.
SAIC collaborates with your organization to map technology requirements to business goals through in-depth understanding of your IT environment, the key applications that drive your business, and business-critical connections and system. With this, we develop a proactive roadmap to minimize vulnerabilities, extend detection, prioritize threats, establish prevention, and refine your security processes.
Protecting your IT infrastructure is a full-time job.
SAIC provides government and enterprise with a wide range of risk mitigation, threat assessment, and information assurance services:
Protect your assets in this hyper-connected world with CyberSecurity Edge.
SAIC's CyberSecurity Edge is an end-to-end solution that meets current and future customers' cybersecurity life cycle management needs. Our solution standardizes the complex process of discovering, fixing, and managing an organization's cybersecurity needs and requirements. Customers benefit from optimized solutions that meet their security needs fast, effectively, and in a cost-effective manner—by offering services that are easily tailored to fit any size or type of network, customers have the ability to choose just the capabilities that are needed and avoid the extras that are not.
As a repeatable solution, CyberSecurity Edge allows us to manage the entire network security life cycle, providing a detailed threat/vulnerability profile and offering a configurable "pick & play" solution that is tailored to the customer's risk tolerance and budget requirements.
SAIC performs a full and comprehensive assessment scan of a customer's network for all known vulnerabilities, risks, and threats, and provides a detailed report on the threats and vulnerabilities. We also provide a "get well" plan that documents courses of action on how SAIC will address threats and vulnerabilities. After SAIC implements and optimizes the "get well" plan, we continue to manage the security posture via the SAIC Secure Operating Center (SOC), or provide certified personnel to supplement the customer's cybersecurity staff.
Our scalable mitigation process includes integration of best-of-breed solutions, and automation and optimization of security enhancements and fixes. Ongoing cybersecurity management is offered to best suit the customer's requirements—security as a service through our SOC, or Certified Information Systems Security Professional (CISSP)-certified experts to work within the customer's infrastructure.
- CyberSecurity Edge utilizes non-intrusive penetration tools that can find recently exploited threats and vulnerabilities, as well as cutting-edge automated scanning tools.
- We have the ability to monitor on-premise, off-premise, and in hybrid environments.
- SAIC staff can work alongside the customer’s security experts, perform all your security efforts for you, or offer a hybrid of the two scenarios.
- By using the customer’s existing infrastructure, there is little to no disruption in current business processes with a nominal initial investment.
- Review of cybersecurity processes, procedures, documentation, and physical and personnel security are included in the assessment phase.
- The implementation process alleviates the need to completely change a client’s infrastructure.
- Our rapid mitigation process can fix a customer’s security posture.
- SAIC employs more than 350 cybersecurity experts with broad capabilities in advanced technology and data security solutions, vulnerabilities assessment, and risk mitigation.
- Our staff holds CISSP, Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and Security+ certifications, and possesses years of hands-on experience to perform assessments for federal government, commercial, and state and local entities.
- Subject matter expertise includes trained vulnerability discovery teams of certified “white hat” ethical hackers, and operational experience of multiple security operations centers, network operations centers, and help desks.
- Our solution is aligned with best practices such as the National Institute of Standards and Technology (NIST) or U.S. Department of Defense (DoD) Risk Management Framework.
Immunize your networks against the threat of constant attack.
SAIC's threat intelligence team works to maintain awareness of adversary tactics, techniques, and procedures (TTPs) and uses this understanding to develop and deploy a behavioral-based approach to threat detection. We focus on inspecting communications for attributes indicative of an adversary's behavior.
SAIC's security portal includes modules for analyst investigations, security incident reports and workflows, managed-asset inventories and configurations, documentation repositories, and detection content development.
Our threat intelligence team focuses on all active and modern threats covering criminal malware and toolkits through nation-state and advanced persistent threats. The intelligence team's primary mission is to conduct ongoing and advanced threat research, discovery, and intelligence gathering through file and network activity analysis, malicious toolkit testing, and open-source monitoring.
- SAIC's security solutions are tailored to meet your organizational needs and to cost-effectively align with your business objectives to enhance performance, agility, and continuity.
- Our forensic and incident response teams deploy within a day's notice to diagnose and mitigate incidents, as well as for our commercial clients.
- As a member of the Defense Industrial Base, SAIC is a prime target for advanced persistent threats, giving us daily experience in detection and remediation. The same team that defends SAIC's networks defends customer networks.
- For more than 10 years, our monitoring services have successfully identified the hallmarks of behaviors and compromises, which are used to defend our client networks from advanced threats.
Know which risks you are really up against.
SAIC provides risk assessments that combine a knowledge of business objectives, information flow, and safeguard requirements with a deep comprehension of network architecture and operational policies and procedures. The result is an identification of critical assets, an understanding of your internal and external threats, and a prioritized set of cost-effective risk-mitigation measures.
Security assessments are available at various levels of complexity, from high-level reviews of organizational policies and procedures to technical vulnerability assessments involving sophisticated tools and procedures that can identify specific configuration and implementation weaknesses within your network infrastructure. Our reporting includes an analysis of findings along with workable solutions to improve security.
We design and execute penetration tests to determine the extent of your network's exposure to external or internal attack and assess the effectiveness of your existing safeguards to provide the level of protection you desire. We demonstrate the effectiveness of your security measures by attempting to exploit discovered weaknesses using our proven methodology. All testing is carefully controlled and conducted in a manner that avoids network outages and maintains data integrity.
- Rapidly expand and broaden existing network security capabilities
- Identify “offensive” maneuvers as a complement to your defensive systems
- Our own global network serves as a tremendous test bed for our solutions and services and includes diverse operating environments in multiple zones of security while accommodating 40,000 users with more than 100,000 devices.
- Our portfolio of security operation services helps customers secure and defend their networks while protecting them from the risks of using the Internet. SAIC’s high customer retention rate in more than 30 countries is a testament to the strength and depth of our capabilities
Protect the integrity, availability, authenticity, and confidentiality of user data.
SAIC provides IT repair, maintenance, operations, logistics, and engineering services to ensure secure, reliable, and uninterrupted availability of military, agency, and enterprise IT Systems.
We provide a range of assurance and certification services, including:
- Analyzing network alerts to determine possible causes.
- Reviewing network audit data to identify potential threats to network resources and data sources.
- Assisting in audit tool signature development.
- Coordinating with stakeholders to validate and resolve security alerts.
- Writing concept of operations and techniques, tactics, and procedure documentation.
- Supervising information technology systems on classified networks.
- Monitoring network perimeters through firewall, virtual private network (VPN), intrusion detection system/intrusion prevention system (IDS/IPS), and other network devices/software.
- Performing engineering studies involving equipment, applications, or theoretical analyses.
- Installing, configuring, and operating networks in highly complex environments with specific protocols.
- Develop an always-on cybersecurity force to help protect against failure of mission and loss of personnel, resources, dollars, and time.
- Mitigate the risks of a security breach that can result in a compromise of classified, proprietary, or sensitive information and the loss of data, software integrity, and system availability.
- SAIC has been delivering cyber-security training and exercises to over 175 government, U.S. Department of Defense, and commercial events around the world.
True security requires a constant, proactive approach.
SAIC’s cybersecurity solutions help organizations be proactive when it comes to detecting and stopping potential attacks and keeping their networks safe.
Space and Naval Warfare Systems Command
SPAWAR required enterprise-level network architecture, information architecture, systems engineering, and technical security services in order to execute on more than 350 task orders for SPAWAR Systems Center Atlantic. SAIC implemented defense-in-depth systems at 240 hospitals and medical facilities and developed, integrated, and managed computer network defense suites for Afloat and Ashore facilities.
Naval Sea Systems Command
NAVSEA’s special-purpose systems required Platform IT Risk Assessments (PIT RA) and the Naval Surface Warfare Center needed support for Critical Safety Item (CSI) preparation. SAIC implemented a fully compliant process for PIT Risk Assessments, served as advisor to NAVSEA, and successfully prepared the Naval Undersea Warfare Center for the CSI.
Marine Corps Enterprise Information Technology Services
For the MCEITS, SAIC created a Get Well Plan that massively reduced risk in only three months, developed a rapid Information Assurance Vulnerability alert (IAVA) management plan, and updated documentation that exceeded government expectations.