Booz Allen Solutions

Booz Allen Hamilton helps clients respond with effective tactical solutions—while positioning them to be ready for what’s next, with longer term strategic solutions that address information assurance and cyber resiliency.

Explore Booz Allen’s key solutions:

• Computer Network Defense within the Secure Private Cloud
• Prevent and Detect Phishing Attacks
• iAssurance Mobile App for Cyber Readiness and Resiliency
• Proactively Hunting Advanced Persistent Threats
• Cyber Aggressor Simulator (CAS)
  
• Dynamic Policy Tool
• Commercial Solutions Testing Lab
  

---

Computer Network Defense within the Secure Private Cloud

Booz Allen offers a full range of capabilities in this area. This demonstration will look at a number of them, including:

	prediction of all possible paths of attack within your organization’s cloud enterprise, and determination of the least level of effort required to quickly protect your systems
	tools to automate the collection, analysis, and assessment of threat and risk information across the cloud
	configuration control of physical and virtual system baselines
	notification of changes to critical system files
	FISMA compliance auditing, mitigation, and reporting of all systems across the cloud infrastructure
Download the Computer Network Defense in the DoD Cloud Demo

For more information, contact Troy Giefer or Brian Miller.

---

Prevent and Detect Phishing Attacks

In this demonstration you can learn how easily hackers can gain persistent computer access, what they can do once they are inside, and how to address this threat. We will show:

	how something innocuous such as opening a PDF file attached to an email can enable an attacker to gain access to one computer--and thereby the entire enterprise
	the functionality that the attackers have at their disposal: screen captures, webcam and microphone recording, keystroke recording, file search, data infiltration and more
	how to identify this type of malicious code utilizing a Booz Allen tool, Automated First Responder, which utilizes statistical analysis to identify the unknown malware typically utilized by the Advanced Persistent Threat

For more information contact Mark Eckert or Scot Lippenholz.

---

iAssurance Mobile App for Cyber Readiness and Resiliency

Booz Allen has developed an iPad application designed to provide rapid real-time information to cyber professionals and system administrators about new product vulnerabilities and the potential damage they can cause. This demonstration showcases the powerful features of this innovative application, such as:

	a sharing functionality that integrates social media capabilities
	access to the NIST National Vulnerability Database
	the ability for users to navigate the NIST 800-53 control set
	ease and portability that enable cyber professionals to better understand system vulnerabilities and risk at net-centric speeds

For more information contact Marc Stevens.

---

Proactively Hunting Advanced Persistent Threats

Today's cybersecurity threat continues to evolve into a broad and sophisticated range of adversaries with the skills, resources, patience, and motivation to accomplish their goals. Whether they are stealing intellectual property and state secrets or disrupting/destroying critical systems and infrastructure that power our economy and ensure our national security, our nation is at risk. This demonstration looks at several facets of Booz Allen’s efforts in the arena of Advanced Persistent Threats, such as

	an integrated approach across the full spectrum of people, process, and technology
	the need to implement a way of thinking and action to address these issues
	specialty tools that can proactively protect against highly sophisticated adversaries who have the ability to bypass all of today's best practices solutions

For more information contact Stephen Windsor or James Mitchell.

---

Cyber Aggressor Simulator (CAS)

In this demonstration discover how Booz Allen's Cyber Aggressor Simulator (CAS) can be used to tangibly evaluate cyber threats and information assurance (IA) mitigation strategies using an automated hacker emulation approach. As a more inclusive way to conduct an impact analysis than simple penetration testing, our approach leverages previous evaluations, actual white-hat and black-hat attacker operational and analytical methods, real-time sensors, and the latest industry exploits.

CAS is distinguished by its ability to:

	emulate attacker techniques and methodologies
	perform multi-step recon and exploitation
	launch exploits based on vulnerability decision analyses
	continuously update attacker profiles with the latest intelligence and forensics data

Download the Cyber Aggressor Simulator Demo

For more information contact Sue Albert and Jackie Nemeth.

---

Dynamic Policy Tool

Booz Allen demonstrates a successful strategy for dynamic cyber policy development that we can apply to policy and strategic initiatives for any organization, as well as our Dynamic Policy Tool, which provides real-time DoD Policy guidance and updates to the DoD policy. The tool can:

	facilitate collaboration and information sharing
	improve policy and guidance through feedback
	connect policymakers with the operational community

For more information contact Jonathan Chiu.

---

Commercial Solutions Testing Lab

This demonstration will explore some of the work being done by our Commercial Solutions Testing Laboratory. The Laboratory is an information technology (IT) computer security testing laboratory that is accredited by NIST to conduct IT security evaluations for conformance to the Common Criteria, FIPS 140-2, PIV, and S-CAP standards.

For more information contact Eric Winterton or Steve Rome.