Security & Hosting

Overview

Overview: 
In a world of malicious software and bad actors, the success of your solutions depend on having the strongest defense against cyber threats. More than just protection, it is important that your applications remain secure without sacrificing performance or accessibility. KFG’s practical security strategies and solutions enable agencies and commercial customers to detect, assess, report and mitigate their cybersecurity challenges.

Performance

SECURITY ASSESSMENT & AUDITS

Our work in IT with businesses, CPAs and Law Firms gives us comprehensive experience with security matters across a wide spectrum of businesses. We have conducted numerous assessments & audits for business clients across a wide spectrum formal audit and test requirements and we are comfortable formulating action plans that can be presented succinctly to the board of directors.

INTRUSION DETECTION & SURVEILLANCE

In approaching a large scale organization with complex network and node topologies we leverage a strong set of cyber securities tools. Chiefly, we implement Snort across Linux and Windows server implementations for intrusion prevention with real-time traffic analysis and packet logging. The tool will be utilized to perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes.

THREAT ASSESSMENT

We employ several advanced algorithmic solutions and data dashboarding to monitor and escalate threat reporting. Advanced Threat mitigation via Nessus allows for the integration with malware defenses, patch management tools, BYOD, firewalls, cloud infrastructure and virtualized systems.

CYBER INCIDENT FORENSICS

Our work with Law Firms in the role of technical litigation support has given us exposure to technical matters from a forensic aspect. Most of this work is around making sense of log files and reconstructing the chain of events, as observed from the point of view of the network, server or application, and presenting those findings to the law firm for the purposes of litigation.

BLACK & WHITE BOX TESTING

Blackbox & Whitebox testing are key features of security verification. There is no better way to verify that best practices are being followed and that there is adequate coverage of the contingency plan than by leveraging tools, software and scripts that would be used by black-hat attackers to compromise your operation. Our whitebox analysis helps us narrow the scope of work necessary to provide adequate security coverage, and our blackbox testing methodology helps ensure there are no gaps in the security plan implementation.

DISASTER PLANNING & RECOVERY

Disaster Planning & Recovery is something we bring to every client’s attention. As a general rule, the NIST checklist on contingency planning/disaster recovery is the starting point we have used with all of our clients in order to implement a disaster recovery plan.


Accomplishments

Accomplishments: 

We build and maintain over 125 C&A packages for FISMA reportable programs. KFG provides successful security and protection of the Global Information Grid (GIG) across 5+ contracts. We engineer and implement defense-in-depth solutions for the integration and management of perimeter and system security controls including NIST 800-53 and DoD 8500.02. We conducted annual inspections of nearly 20 government locations nationwide to evaluate IA posture and ease of cyber penetration. We assisted an agency with attaining outstanding and exceptional ratings on Defense Information Systems Agency (DISA) Command Cyber Readiness Inspections (CCRIs).