Integrated Cyber Solutions

Netorian cyber defense architectures will work in any computing environment or classification. Our Guardian Automated Defense Capability (G-ADC) product enables customer organizations to more rapidly assess, monitor, sense, scan, and perform network mapping, virtualization, penetration testing, packet capture analysis, intelligence research and analytics, forensic malware analysis, log parsing and analysis, network- and host-based security, mission logging, event correlation, scripting and programming, exploit creation and delivery, real-time tracking, and diagnostics.

Our system of systems will provide near-real-time adversary awareness, fusion and visualization, and bidirectional sharing of threat intelligence, including cyber threat indicators. Using Infrastructure-as-a-Service technologies, the G-ADC quickly scales up or down to optimize a specific customer architecture. By combining existing software with open source technologies, the G-ADC amplifies the current toolset to perform new, enhanced functionality such as:

  • Automated incident response and forensic analysis workflows

  • Rapid decision-making SIEM interface

  • Automate tedious and time-consuming sensitive data collection

  • Apply aggregated threat intelligence to contain, inspect, remediate, and proactively defend against threats

  • Improved response analytics over time to improve defensive posture

  • Automate the creation of incident ticketing for analysis campaigns and situational awareness

  • Preserve crucial evidence with a logical chain of custody

  • Collective case analysis reporting feature to include artifact IoC data

  • Deployable countermeasures or forensics appliances with embedded workflow capabilities

Netorian recognizes the value in BOTH open source and COTS software. As such, we’ve struck a balance between the two within the G-ADC and have leveraged the customizable nature of open source to better enable and present capability to the user in a fashion that maximizes human capital, allowing users to focus on actions and tasks that require the human brain while maximizing operational effect.

Following the guidelines in Presidential Executive Order 13691 and NIST SP 800-150, we will develop a system of systems that will: identify IoC and control risk; provide a flexible data model; and perform analysis of malware and existing taxonomies for local and distributed consumption. This is critical for determining, validating, and mitigating network intrusions and unauthorized activity to enable sharing taxonomies among security information tools. Our solution will correctly format information, enabling real-time queries; allow collaboration (share with humans and share with machines); decrease duplicative effort and increase collaboration; ensure the necessary intelligence is available to plan, conduct, and assess cyberspace operations; and inform mission assurance for systems operated by-with-through the cyberspace domain. The process that our system of systems architecture will follow is: create event, assign attributes, and share; develop, disseminate, and maintain relevant information to achieve situational understanding of enemy and adversary utilization of cyberspace; gather, share (flexible, tailorable, aligned with organizational governance policy), store, and correlate indicators of compromise; store technical and non-technical information about malware samples, incidents, attackers, and intelligence; automated correlation; operational graphical interface.

Netorian’s enhanced Guardian Automated Defense Capability will provide each of the operational requirements and will fulfill each technical requirement stated above in either a current Splunk-based SIEM or a future Elasticsearch SIEM build.

Does your company need our services?

Message us today.

CONTACT US

210 Research Blvd # 160,
Aberdeen, MD 21001, USA

cyber@netorian.com

+1 (844) 638-6742