Novetta deployed the first accredited C2S workloads for multiple agencies; today, we are leading the development of the PaaS on top of C2S for the SAP community. Novetta has successfully engineered (and obtained certification for) dozens of secure compartmented systems and applications, large and small, for customers in the DoD, IC and SAP communities under ICD 503 and NIST 800-53. Our ElasticSearch practice focuses on full-scale cyber auditing and highly scalable, multi-petabyte big data analytics in the DoD, IC and SAP communities.
Novetta Cyber Analytics is an advanced network traffic capture, inspection and analytics application for medium to large enterprises and government agencies. Designed to ensure rapid detection of breaches, significantly reduce attacker dwell times, and enable immediate remediation to reduce further exposure, Novetta Cyber Analytics delivers the fastest and most precise network traffic analytics possible. Download this white paper for an overview of the technical architecture of Novetta Cyber Analytics.
Security Information and Event Management solutions (SIEMs) have become commonplace in cyber security operations, and as a result there is a lot of confusion about exactly what a SIEM is versus an advanced network traffic analytics solution. The short answer is that SIEMs aggregate, correlate and analyze events, logs and alerts produced by machines, while an advanced network traffic analytics solution enables security analysts to rapidly analyze raw network traffic. The longer answer is, of course, much more complex than this, but cyber security shops that use both have a powerful combination on their hands….
On-Demand Webinar | July 13, 2015
This webcast is a high-level summary of the Elastic Botnet Report released by Novetta on June 11, 2015. The report details exploits of an ElasticSearch vulnerability to create distributed denial-of-service (DDoS) botnet infrastructures using the Elknot and BillGates DDoS malware families, and includes:
* An overview of the vulnerability
* Specifics about the threat actors
* Analysis of the malware functionality
* Remediation steps to help detect and remove infections.
On-Demand Webinar | Recorded July 28, 2015
The U.S. DoD was constantly getting breached – none of the tools they had built or purchased were working to prevent this (including SIEMs and Security Analytics packages). Learn how they solved this problem using an advanced, network-traffic analytics solution.
Bird’s Eye View is a new monthly executive summary report generated by Novetta’s Threat Research Group to provide a high-level summary of recent noteworthy cyber security events. This first edition will cover recent reporting on three cyber espionage campaigns.
This reverse engineering report outlines the capabilities of newer versions of Winnti that were observed during Operation SMN, including details on the malware’s start-up sequence, basic capabilities, and C2 communication protocol.
This list contains hashes of Winnti samples that can be found in VirusTotal.
This report includes key findings, background of the Operation SMN effort and its intended goals, some preliminary data on its impact, analysis of campaign targets, operational practices of Axiom as well as some strategic analysis of potential motivations and groups behind the tasking of Axiom actors.
This report outlines in detail the full known lineage and capabilities of the HiKit malware family as it is known to Novetta and the Operation SMN coalition.