As part of the DITSCAP and DIACAP C&A processes, SpinSys brings decades of security experience to include application and operating system hardening, network intrusion detection, vulnerability assessment and penetration testing, vulnerability remediation and validation, and data or database security.
SpinSys is experienced in using industry standard security assessment tools such as Retina, TripWire, Nessus, WebInspect, and DOD tools, to include STIG, SRR, and GoldDisk. We provide experience in network infrastructure security with technologies such as Cisco PIX Firewalls, network intrusion detection, and network access control lists.
The SpinSys team has instrumental in securing and accrediting several major US Air Force (USAF) applications within the USAF application infrastructure. In order to obtain the DITSCAP and DIACAP certification and accreditation we provided the underlying network and application security to meet the strict Department of Defense standards. Our team was able to provide this expertise on two major applications and this continues to date with yearly re-accreditations.
Our security engineers are ISC2 Certified Information Systems Security Professionals (CISSP). In support of the United States Air Force, they have assisted at differing levels of compliance execution of the DIACAP Implementation Plan. Their efforts have resulted in obtaining and maintaining a positive accreditation decision (IATT – Interim Authority to Test, IATO – Interim Authority to Operate, and ATO – Authority to Operate).
Our services are tailored to the needs of the organization based on certification standards utilized for the Certification and Accreditation for DoD or NIST. We support organizations from all branches of the DoD; the US Army, Department of the Navy, US Air Force, TRICARE, and other Federal Agencies.
As part of the hardening of the application security posture, we improve application security by:
Analysis of the application architecture and documentation to better understand and evaluate risk