Defense Engineering

Many Siege staff members, much like other professionals within the CNO community, began their careers providing network and system defense services to commercial and US Government. Following the events of 9/11, there has been a new found focus to provide superior network and system defensive capabilities to the US Government and the US Military. Support services have included the operation, maintenance, and analysis of multi-vendor IDS deployments, the custom configuration and development of an advanced event (EOI – Event of Interest) reduction decision tree, and the security engineering and network hardening of newly deployed support networks.

Previous efforts by Siege personnel have included the engineering and implementation of DoD INFOCON Firewall policies across a large metropolitan area network supporting all branches of the military. More recently, Siege personnel were responsible for the establishment, technology development/deployment, and operation of a large multi-million dollar Information Assurance/Computer Network Defense division for a large DoD Agency.

Our specific experience supporting customers in this space include:

IDS/IPS deployment integration
- Configuration and deployment of custom fully OOB open source and commercial IDS products
- Custom and Commercial centralized signature manager
- Custom signature development
SIM software engineering and event management
- Implement event reduction and workflow decision tree to isolate EOI on a large scale global network
Security engineering
- Implemented port-based secure 802.1X using single sign-on compatible w/ DoD PKI
- Implemented server log aggregation and analysis system
- Deployed Squid farm for enhanced URL/Malicious code filtering
- Network design review and deployment support
  - HAG and KG deployment support
- Engineered network wide traffic capture and analysis system
  - IDS deployment points of presence
  - Integrated network operations analysis tools
Firewall configuration and analysis
- Ruleset analysis to optimize and tighten permissive rules
Computer and network forensic analysis
Incident response and post-mortem support
Honeypot/Honeyclient research
Custom advanced defensive technologies
- DNS blackhole and redirection
- Firewall BOGON list integration
System and network hardening
- STIG compliance support and custom Microsoft SBA templates
System vulnerability assessment support
- Deployed distributed commercial and open source network/system assessment tools
- Fully automated data collection and IAVA based report generation

Our specific experience includes but has not been limited to the following technologies:

IDS/IPS Technologies: SNORT, ARGUS, Bro, Shadow, IDABench, ACID/BASE, Cisco IDS, ISS SP, WiFi Watchdog, McAfee (IntruVert) IPS
BIDS Technologies: Lancope Stealthwatch, Arbor Peakflow X
Event Management: ArcSight, Lancope SMC
Firewall Technologies: Juniper Netscreen, PIX/ASA, Sidewinder, Checkpoint
AV/HBIDS Technologies: McAfee EPO, AVG, Symantec, Tripwire
Forensics Tools: Helix, Enterprise Encase, FTK
Proxy Engines: Squid, WebSense
Analysis Tools: TCPDump, NTOP, LTAuditor

Professional Services

Capability Highlights

Principals have 85 years combined US Government or contractor experience
Focus on Computer Security, Information Operations, Information Warfare, and Computer Network Operations
All personnel hold at least active Top Secret Clearances
Agile, customer focused small business

Testimonials

All of the professional expertise I expected without the large company attitude

Testimonial “Industry Partner”