Our Services
General Services
Training Services
Network Engineering
Security Services
CNSS Certification
Contract Vehicles
GSA
Simulation Training & Automation

Back to Home Page

 

Additional Services
Cyber Network Defense Training
Network Training Simulators

ARMOES logo To ARMOES Live

 

CASE STUDIES

Client

Air Force Communications Agency

Situation:

  • A 4-person security testing team is tasked with creating test plans, testing, and generating DIACAP reports on a classified Command and Control (C2) DoD computer system.

  • 16 machines loaded with various operating systems, databases, and other C2 applications must be tested in accordance with all applicable DISA STIGs and checklists.

  • Upon completion of testing, over 6500 individual results must be analyzed and researched so the team can write a classified report that outlines all the details of each security finding.

  • The report contains over 600 security findings that must be attributed to individual Information Assurance Controls and included in the system's Plan of Action & Milestones (POA&M).

    Actions Taken:

  • ARMOES is used before, during, and after Certification Test and Evaluation (CT&E) and Security Test and Evaluation (ST&E) events.

  • Before: ARMOES is used to research updates to DISA STIGS and checklists, create & update individual test cases, and select test cases for inclusion in custom test plans.

  • During: ARMOES is used to compare actual test results against expected results, document test anomalies, document unique system security nuances critical to the test event, perform regression testing, etc.

  • After: ARMOES is used to analyze test results, determine risk, develop/document countermeasures, and generate standardized reports and test actions (both automated) in standard formats (MS Excel, PDF, etc.).

    Results/Benefits

  • Created, altered, and updated test plans up to75% faster than using manual methods.

  • Maintained history of IAVAs/TCNOs associated with each security check--reduced research and analysis time by up to 50%.

  • Quickly created a custom test plan tailored to a specific need--reduced custom and validation test preparation by 90%.

  • Directly parsed data from DISA SRR scripts to corresponding test case--90% increase in efficiency.

  • Standardized testing procedures-- increased tester proficiency and increased testing accuracy by over 70%.

  • Ensured continuity between testers through test case notes--eliminated duplicative research.

  • Automatically compiled and generated DIACAP and FISMA required Scorecard and POA&M in 15 minutes instead of 120 hours (15 man days).

     

    		•  Save $1000 - Sign Up Now!


    Contact Us

    A Cyber Security Company.