Novetta deployed the first accredited C2S workloads for multiple agencies; today, we are leading the development of the PaaS on top of C2S for the SAP community. Novetta has successfully engineered (and obtained certification for) dozens of secure compartmented systems and applications, large and small, for customers in the DoD, IC and SAP communities under ICD 503 and NIST 800-53. Our ElasticSearch practice focuses on full-scale cyber auditing and highly scalable, multi-petabyte big data analytics in the DoD, IC and SAP communities.
Novetta Cyber Analytics is an advanced network traffic capture, inspection and analytics application for medium to large enterprises and government agencies. Designed to ensure rapid detection of breaches, significantly reduce attacker dwell times, and enable immediate remediation to reduce further exposure, Novetta Cyber Analytics delivers the fastest and most precise network traffic analytics possible. Download this white paper for an overview of the technical architecture of Novetta Cyber Analytics.
Security Information and Event Management solutions (SIEMs) have become commonplace in cyber security operations, and as a result there is a lot of confusion about exactly what a SIEM is versus an advanced network traffic analytics solution. The short answer is that SIEMs aggregate, correlate and analyze events, logs and alerts produced by machines, while an advanced network traffic analytics solution enables the rapid analysis of raw network traffic by security analysts. The longer answer is, of course, much more complex than this, and cyber security shops that use both have a powerful combination on their hands….
On-Demand Webinar | July 13, 2015
This webcast is a high level summary of the Elastic Botnet Report released by Novetta June 11, 2015. The report details exploits of an ElasticSearch vulnerability to create distributed denial-of-service (DDoS) botnet infrastructures using the Elknot and BillGates DDoS malware families, and includes:
* An overview of the vulnerability
* Specifics about the threat actors
* Analysis of the malware functionality
* Remediation steps to help detect and remove infections.
On-Demand Webinar | Recorded July 28, 2015
The U.S. DoD was constantly getting breached – none of the tools they had built or purchased were working to prevent this (including SIEMs and Security Analytics packages). Learn how they solved this problem using an advanced, network-traffic analytics solution.
This report includes key findings, background on the Operation SMN effort and its intended goals, some preliminary data on its impact, analysis of campaign targets, and the operational practices of Axiom, as well as some strategic analysis of potential motivations and groups behind the tasking of Axiom actors.
This report outlines in detail the full known lineage and capabilities of the HiKit malware family as it is known to Novetta and the Operation SMN coalition.
This report outlines in detail the functioning of the ZoxPNG member of the Zox family, and includes some preliminary analysis of ZoxRPC, a relative of the ZoxPNG malware.
This triage report outlines one of the specific malware families the threat actor group uses and preliminary analysis of the findings of the coalition.
These are YARA signatures, created by Novetta, that will detect and identify malware families that Axiom has used.