July 1, 2016

Taking the Right Tack® to Cyber Security

Our heart and soul is in security.  Our researchers, engineers, and security professionals all share the same passion for figuring out how stuff works, how it shouldn’t, and trying to make it hard for cyber-criminals to make a living.  Here are a couple areas where we’re making a difference:

Vulnerability Research: We have a knack for breaking stuff.  As a result, we work with the brightest minds in government and commercial security research.  Between network operations, mobile technology, SCADA, or IoT – basically if it’s got electricity running through it, we’re interested in how it works and how it shouldn’t work.  The work we perform in this area includes finding vulnerabilities, performing threat assessments on recently discovered vulnerabilities, and determining ways to defend or exploit unpatched targets.

Network Monitoring and Intrusion Detection: It turns out that when you have a knack for breaking electronics, you tend to get pretty good at looking for network anomalies and detecting intruders.  We help our government and commercial customers understand what goes on under the hood and implement strategies to help them defend their networks.  Our engineers understand how to view and discriminate normal traffic patterns from anomalies and perform network tests to determine if anomalies are related to hardware/performance bottlenecks or more serious threats (DDoS, SQL Injection, Buffer Overflows, or worse).

Embedded Software Development: We write software almost as much as we play with hardware.  We’ve performed both quick-release prototyping efforts as well as sustained full lifecycle development.  We also run the gamut between low level driver and kernel development to full-blown web platforms.  We’re also agilists, but we don’t take ourselves too seriously either.  Most of our projects are written in C, C++, Python, Java and Javascript.

Information Assurance Policy Creation and Enforcement: We also perform security policy creation and enforcement work.  Our Information Assurance professionals understand, enforce, and maintain security policies such as DCID 6/3, NISCAP, NIST SP 800-53, and ICD 503 which outlines the Risk Management Framework (RMF).  Our activities in this important field include performing Nessus security scans, developing and maintaining Department of Security Services (DSS) facility and network accreditation, and performing audits on behalf of the government for all government network-connected assets.

Cryptographic Infrastructure Support: The Helm Point Solutions team currently provides engineering services including software development and technical leadership for the next generation of cryptographic key management.  As such, our team understands the migration of keying mechanisms from legacy symmetric systems to asymmetric (public/private key pair) concepts including certificate authorities (CA) and trust anchors (TA).