Novetta deployed the first accredited C2S workloads for multiple agencies; today, we are leading the development of the PaaS on top of C2S for the SAP community. Novetta has successfully engineered (and obtained certification for) dozens of secure compartmented systems and applications, large and small, for customers in the DoD, IC and SAP communities under ICD 503 and NIST 800-53. Our ElasticSearch practice focuses on full-scale cyber auditing and highly scalable, multi-petabyte big data analytics in the DoD, IC and SAP communities.
Novetta Cyber Analytics is an advanced network traffic capture, inspection and analytics application for medium to large enterprises and government agencies. Designed to ensure rapid detection of breaches, significantly reduce attacker dwell times, and enable immediate remediation to reduce further exposure, Novetta Cyber Analytics delivers the fastest and most precise network traffic analytics possible. Download this white paper for an overview of the technical architecture of Novetta Cyber Analytics.
Security Information and Event Management solutions (SIEMs) have become commonplace within cyber security operations today, and because of this, there is a lot of confusion as to exactly what a SIEM is versus an advanced network traffic analytics solution. The short answer is that SIEMs aggregate, correlate and analyze events, logs and alerts produced by machines, while an advanced network traffic analytics solution enables the rapid analysis of raw network traffic by security analysts. The longer answer is, of course, much more complex than this, and cyber security shops that use both have a powerful combination on their hands….
On-Demand Webinar | July 13, 2015
This webcast is a high level summary of the Elastic Botnet Report released by Novetta June 11, 2015. The report details exploits of an ElasticSearch vulnerability to create distributed denial-of-service (DDoS) botnet infrastructures using the Elknot and BillGates DDoS malware families, and includes:
* An overview of the vulnerability
* Specifics about the threat actors
* Analysis of the malware functionality
* Remediation steps to help detect and remove infections.
On-Demand Webinar | Recorded July 28, 2015
The U.S. DoD was constantly getting breached – none of the tools they had built or purchased were working to prevent this (including SIEMs and Security Analytics packages). Learn how they solved this problem using an advanced, network-traffic analytics solution.
This triage report outlines one of the specific malware families the threat actor group uses and preliminary analysis of the findings of the coalition.
These are YARA signatures, created by Novetta, that will detect and identify malware families that Axiom has used.
These are hashes of malware binaries that are members of malware families that Axiom has used.
These are YARA signatures, created by ThreatConnect, that will detect and identify malware families that Axiom has used.
Bird’s Eye View is a new monthly executive summary report generated by Novetta’s Threat Research Group to provide a high-level summary of recent noteworthy cyber security events. This first edition will cover recent reporting on three cyber espionage campaigns.