Vulnerability scanning, security assessments and resolution findings

We eliminated more than 400 Java vulnerabilities across NBS systems and more than 640 OS and Database vulnerabilities over the last 3 years for NIH. We also conduct and manage the COOP testing on a bi-annual basis. For vulnerabilities, we provide the root cause analysis, a proposed resolution, an estimated level of effort, and any potential side effects and once approved, implement the approved changes. For audit remediation, we provide technical documentation, ad hoc database queries, data samples, and code where requested by the auditors and provide technical assistance to remediate audit findings. We also perform routine and recurring infrastructure support activities required to ensure NBS maintains production and non-production instances and environments at agreed Service Levels to meet the availability, reliability, continuity, and security requirements needed by NBS and the NIH community.

As part of this task, we also manage and oversee the implementation of Artificial Intelligence-based autonomous Cyber Attack Detection and Self-Healing (DarkTrace) solution by CIT which creates unique behavioral models for every user and device across the NIH enterprise and analyzing the relationships between them. Leveraging its unique machine learning algorithms, we assist in evolving the understanding of an NIH’s ‘pattern of life’, spotting very subtle changes in behaviors, as they occur. These behavioral changes are correlated and filtered, in order to detect emerging Cyber- threats, insider threats, and anomalies.