
Endeavor's goal is to help our Nation secure cyber space. Our team of highly-qualified information security specialists have worked to secure mission critical systems for numerous Federal agencies. Our government clients include the National Security Agency, the Department of Homeland Security, the Federal Aviation Administration, the Court Services and Offender Supervision Agency, the Department of Education and Federal Student Aid, the Department of the Treasury, and the Federal Deposit and Insurance Corporation.
At Endeavor, we forge enduring partnerships with our clients as we work together to solve their business challenges. In this section we provide a few brief examples of business problems we have helped our clients overcome.
The Federal Aviation Administration's mission is to provide the safest, most efficient aerospace system in the world. A significant component of ensuring the safety of the Nation's aerospace system is guaranteeing the security of the FAA's vital information systems. Endeavor Systems has over six years of experience protecting FAA's information infrastructure across a number of Lines of Business.
Here is a sample of some of our FAA work.
Certification & Accreditation
Issue - The Federal Aviation Administration's Telecommunications Infrastructure project (FTI) is a multi-billion dollar effort to develop and implement an integrated suite of products, services, and business practices to meet the telecommunications needs of the National Airspace System. The FTI program office was attempting to secure authorization to bring their systems online, but the primary telecommunications provider was unable to produce the necessary security documentation to meet FAA documentation and testing requirements.
Action - Endeavor was assigned the primary security lead and set an aggressive timetable for documentation collection, production, and delivery. This required rewriting a number of documents generated by the system developer in order to meet FAA content and format requirements. Our team traveled to the system developer's office to conduct interviews with staff, and to capture missing and vague information. A number of documents had to be rewritten from scratch.
Results - Despite the tight timetable, Endeavor managed to deliver the C&A package one week ahead of schedule and significantly under budget. We are continuing to support the FTI program office with their Certification and Accreditation activities, and have developed a customized, efficient, repeatable process for certifying a number of different transport infrastructures. As the result of our efforts, Certification & Accreditation now operates at one third of its initial budget.
Security Policy Support
Issue - The US Government has mandated that all Federal Agencies implement IPv6 by June 2008. IPv6 has a much larger address space than IPv4, and allows greater flexibility in assigning network addresses. However, its implementation raises a number of complex security issues. Like all Federal Agencies, FAA is currently managing the difficult transition from IPv4 to IPv6.
Action - Endeavor is responsible for analyzing the impact of IPv6 on FAA operations and information security. Our expert team of security consultants has extensively researched DoD findings and MITRE findings, and attended a number of commercial seminars, in order to advise FAA on the best migration strategy to help limit security risk. Endeavor also conducted a detailed review of FAA systems in order to determine other IPv6-related security issues not documented in these public sources.
Results - Over the course of our research, Endeavor consultants determined that a majority of the network management software and operational procedures used by FAA simply would not work in an IPv6 environment. This includes critical applications related to vulnerability scanning and patch management, software that cannot function reasonably in an IPv6 address space. Following our identification of these problems, we are currently helping FAA and the system developers craft policy to mitigate these vulnerabilities and ensure a smooth transition of vital FAA systems to the new IPv6 reality.
Web Application Development
Issue - Endeavor was tasked by the FAA's Office of Information Security (AIS) with developing an improved web-based business portal. The existing web application was insufficient to meet the client's needs, and development had come to a standstill.
Action - Endeavor composed a project recovery strategy, including a new project plan with aggressive milestones. After developing this detailed, step-by-step strategy, we rapidly assembled and deployed a skilled web application development team.
Results - Endeavor resurrected a failing project and delivered tangible, functional results within 120 days of requirements validation and approval. Our web application developers created a widely-accessible web application for disseminating training and awareness information to FAA information security personnel. Our efforts also include database design for the Annual Information Technology and Information Systems Security Partnership Conference registration website, as well as the development of general web-based training and awareness toolsets. We proved that Endeavor professionals excel in both project management and system development.
Training & Awareness Conference Management
Issue - FAA's Office of Information Security (AIS) is responsible for providing information security training and awareness to FAA employees nationwide. AIS needed a forum for bringing together FAA Information System Security Officers and IT specialists from across the nation for a training and intra-agency networking event.
Action - In response to this need, Endeavor developed and continues to support what has become the annual Information Technology and Information Systems Security Partnership and Training Conference. We engage in everything from initial site selection, to conference branding and advertising, to managing registration and conducting post-event survey analysis. Endeavor consultants strictly monitor the conference's cost and are able to provide FAA senior management, on demand, detailed cost justification presentations. Moreover, our team created training material and delivered several training presentations, including the popular "ask a hacker" series, as well as an award-winning Certification & Accreditation training session.
Results - In the 2008 conference, over 400 ISS key personnel and IT specialists received specialized training and gained valuable networking opportunities with individuals from other regions, and with the 115 exhibitors on-hand. Our team received an award for our outstanding contribution to this important training event.
The Federal Deposit and Insurance Corporation contributes to the stability of and public confidence in the nation's financial system by insuring deposits, examining and supervising financial institutions, and managing receiverships. With an insurance fund totaling more than $49 billion, FDIC insures more than $3 trillion of deposits, and directly examines and supervises over 5,000 financial institutions.
As a crucial bulwark for the nation's financial system, FDIC faces a myriad of unique security challenges. As a premier provider of Information Assurance services, Endeavor Systems plays a major role in helping FDIC achieve their vital information security objectives. As part of this effort, Endeavor Systems is currently engaged in the design, implementation and support of FDIC's comprehensive security monitoring and assessment program. Our engineers are analyzing FDIC's security requirements, and constantly evaluating, recommending, and implementing new technology for improving our client's security infrastructure.
Rigorous Product Assessment and Security Architecture
Issue - FDIC was in need of a centralized Security Information Management (SIM) solution for consolidating system security information. They were overwhelmed with competing product choices, and required assistance assessing various options.
Action - Endeavor's consultants exhaustively analyzed the available solutions and came up with a shortlist of three final products. We subjected these potential solutions to a rigorous product assessment battery, including over 70 security test cases, before finally settling on the ArcSight Enterprise Security Manager (ESM). We prepared a comprehensive evaluation report for our client, and won approval for this solution from the CIO's Architecture Review Board.
Results - After securing the Architecture Review Board's approval, our team of certified ArcSight Administrators set to work deploying the ArcSight system on behalf of FDIC. We designed the architecture, delivered the SOPs, and are forming the methodology for ongoing development of ArcSight ESM as new connectors and requirements are made available.
The U.S. Department of Education's Office of Federal Student Aid (FSA) is the Department's largest agency, responsible for 80% of the Department's budget. FSA manages billions of dollars in student aid funds, and handles more than 20 million transactions with schools, financial partners, and millions of student accounts. FSA spends $450 million annually to process and store electronic data contained in 11 major systems. Moreover, FSA stores millions of records that include personal information such as social security numbers, bank account information, and other Personally Identifiable Information.
Since September 2004, our team has provided FSA with information security enterprise-level support, and innovative solutions for greater security and privacy. Not only has Endeavor created the foundation for an enterprise-wide information security and privacy program at FSA, we also serve as the centralized point of contact and response for security and privacy issues.
A few FSA highlights:
Development of Innovative Tools to Facilitate FISMA Compliance
Issue - The Federal Information Security Management Act of 2002 (FISMA) requires federal agencies to improve the security of their IT systems, applications, and databases. FISMA provides a baseline of information security requirements and practices that government agencies must follow. Like all Federal agencies, Federal Student Aid must achieve FISMA compliance.
Action - Endeavor has developed, deployed, and released to the public under an open source license a program called OpenFISMA. OpenFISMA is an automated FISMA reporting tool integrated with the NIST Vulnerability Database. It is capable of auto-loading POA&M and vulnerability items, as well as generating FISMA reports based on collected information. We successfully deployed this innovative tool at FSA, and have dramatically improved the efficiency of their FISMA compliance and reporting process.
Results - OpenFISMA is currently in use at FSA. Based on our experience, we have further refined the tool, and it can swiftly adapt to meet the unique information security needs of any agency. Moreover, while reporting is one of the major compliance requirements of FISMA, it is not the end of the story for the Endeavor team. We work closely with the System Security Officers even after the FISMA reports have been filed, and ensure that all security issues are thoroughly understood. We then work with SSOs to mitigate all identified security issues.
Security Certification Training
Issue - Organizations cannot protect the confidentiality, integrity, and availability of information in today's highly networked environment without ensuring that all people using IT systems are properly trained. Moreover, given the nature of FSA's mission, non-technical field employees nationwide often have full access to personally identifiable information. Efficiently disseminating training and awareness to this diffuse group is an essential part of maintaining the integrity of FSA's systems.
Action - Significant attention was given to training System Security Officers on security policy, procedures, and techniques, as well as the various management, operational and technical controls necessary to secure IT resources. Our team moved quickly to ensure continuous improvement by developing formal evaluation mechanisms to ensure the program's effectiveness. In addition to communicating with technically inclined System Security Officers, Endeavor has implemented a rigorous privacy awareness program to reach the front line personnel at the agency who process Personally Identifiable Information on a daily basis. The team travels to regions across the country to deliver hands-on privacy training, and is adept at communicating highly-technical concepts to non-technical employees.
Results - Endeavor has created an extensive Security Certification Program, built in modular form, and has certified a number of Systems Security Officers. We have ensured that they fully understand their roles and responsibilities related to the organization's mission, and that they understand the organization's IT security policy, procedures, and practices. We also ensure that they have full knowledge of the various management, operational, and technical controls required to protect the IT resources for which they are responsible. We have also successfully trained numerous non-technical employees nationwide on privacy best-practices.
The National Security Agency's Disruptive Technology Office (formerly known as the Advanced Research and Development Activity program) is a research program tasked with tackling critical problems facing the Intelligence Community. Endeavor Systems won a $1.6 million Research & Development award from this group in October, 2003 to research and develop next-generation network defense solutions.
Issue - The Intelligence Community was in need of cutting-edge cyber defense technology.
Action - Endeavor engineers set to work developing a self-learning, self-defending network defense system. The patent-pending Dynamic Response System (DRS) we developed is capable of detecting new, "zero-day" attacks and self-generating defense mechanisms to protect the network. By networking our DRS systems, learned information can be shared across networks, thus strengthening cyber security. Over the course of our DRS research, Endeavor developed a wide range of technology for analyzing attacks, including pattern recognition, subsequence analysis, passive mapping, and network obfuscation. Along with developing this technology, Endeavor also became expert in current attack methodologies. Part of Endeavor's testing included a global decoy grid, the FirstLight Early Warning System, designed to detect new attacks and track their mutation. This system is deployed in a global sensor grid, and these sensors use pattern recognition technology to analyze network traffic and generate classification signatures. Analyzing the metadata captured by our sensor grid allows our team to predict and respond to incoming attacks before they have a chance to harm your network.
Results - The success of Endeavor's research enabled us to win a Phase II addition to the initial Phase I award. After careful market research, we commercialized the results of our team's research as the FirstLight Signature Service. This service provides leading IPS, UTM, and Firewall vendors with an industry-leading signature set that is constantly updated, revised, and extended to counter evolving cyber security threats.
The Court Services and Offender Supervision Agency (CSOSA) was created by the National Capital Revitalization and Self-Government Improvement Act of 1997. It is a federal agency tasked with increasing public safety, preventing crime, reducing recidivism, and supporting the fair administration of justice in the District of Columbia.
Inspector General Audits
Issue - Like other Federal Agencies, CSOSA is required to comply with the Federal Information Security Management Act (FISMA). Endeavor was retained by the agency to perform an independent, third party Inspector General's audit of CSOSA's information systems.
Action - Using Federal, NIST, OMB and agency directives, Endeavor engaged in a comprehensive top-down review of the agency's information security systems in order to ensure FISMA compliance. Our team gathered, reviewed, and analyzed system documentation and conducted detailed interviews with key IT personnel. After our audit, a final summary debriefing was conducted, detailing the audit findings for OCIO and COTR.
Results - An IG review requires critical analysis across a broad spectrum of security domains. The response must be accurate and unbiased. To accomplish these goals, the IG must have full knowledge of all pertinent Federal regulations, coupled with years of security and IT experience. Over the course of this project, Endeavor personnel conclusively demonstrated that they understand the intricate nature of auditing, Federal regulations, and the inner workings of enterprise IT operations.
Issue - The Department of Homeland Security was in need of an automated, repeatable process to defeat botnets, collections of compromised systems under the control of a remote user. Endeavor was awarded a Small Business Innovative Research grant to develop a system for identifying and capturing the malware used to create botnets.
Action - Endeavor developed two distinct correlation techniques, Markov Chain correlation and Session / Pair / Source Correlation. Our work with DHS refined our correlation capability to highlight those sessions that are involved in the movement of malware. Once those sessions have been determined, Endeavor is capable of extracting malware and stopping attacks before hosts on your network are infected.
Results - Endeavor has successfully commercialized the results of our research as our Active Malware Protection (AMP) system. AMP protects against evolving threats by identifying new malware as it transits the network before hosts are infected.
© 2008 Endeavor Systems Inc. All Rights Reserved
