Competencies

Previous Next

Cybersecurity

  • Overview

    Covering the entire spectrum of cybersecurity to protect your mission.

    Alqimi is at the forefront of cyber warfare in cyber operations and exploitation. We are a leader in all aspects of cybersecurity; our team has more than 15 years of experience providing security solutions to the Department of Defense (DoD) and the Intelligence Community (IC). Our experts are certified and accredited in providing the best cybersecurity capabilities in the industry. We help you protect your data, systems, and networks so that you can focus on your mission.

    Our approach addresses Computer Network Operations (CNO) including: Computer Network Attack (CNA), Computer Network Defense (CND) and related Computer Network Exploitation (CNE) to enable analysis awareness, remediation and risk management.  For additional details, refer to the Cyber Operations section.

    Our comprehensive cybersecurity services include:

    • Providing architecture, design, forensics, network, malware, and penetration-testing cybersecurity engineers
    • Performing comprehensive risk and vulnerability assessments (we have DoD, IC, and commercial-industry experience and expertise)
    • Offering remediation options and threat-management capabilities
    • Designing superior security systems (PL-2 through PL-5) with appropriate defense-in-depth
    • Providing Assessment and Authorization (FISMA) preparatory services and System Security Plan (SSP) leadership and support
    • Designing and implementing incident-management solutions

    Alqimi has expertise in the following types of compliance:

    • Director of Central Intelligence Directives (DCID)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Federal Information Security Management Act (FISMA)
    • Federal Information Processing Standards (FIPS)
    • National Institute of Standards and Technology (NIST)
    • Federal Risk and Authorization Management Program (FedRAMP)
    • Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP)

     

     

  • Security Health Check

    A quick-look risk assessment of your networking and operating environments.

    For a relatively small investment, our security health check can return big dividends for your organization. We assess your security profile to determine areas where additional, in-depth examination is appropriate. The resulting report identifies security gaps and provides you with a high-level work plan to correct and mitigate risks. The work plan includes priority recommendations and a process to track the resolution of priority items.

    Our security health check also provides you with a roadmap for future efforts. This helps to ensure that adequate controls are in place to address business risks and obtain maximum ROI on security measures. In addition, you receive a framework to effectively prioritize recommendations based on risk considerations, along with cost estimates for implementing changes.

  • Certification & Accreditation

    Reliable evaluation, testing and validation of C&A processes.

    Alqimi understands compliance requirements and knows how to evaluate your organization for compliance. We have extensive experience with compliance planning, execution, and monitoring through our work with the DoD, IC, civilian agencies, and healthcare organizations.

    We have written security plans for facilities, systems, and missions. We ensure thorough documentation as required for each area of compliance. We also ensure that all of your IT processes, operations, and documentation are consistent with the compliance requirements mandated for your organization.

    Our security experts provide a complete range of testing and reporting services to help you save time, money, and paperwork. In the intelligence and cybersecurity arenas, your personnel must be able to rely on a credible assessment of whether an IT system is ready for production. With Alqimi, you can depend on best practices and detailed documentation.

     

  • IT Risk & Threat Management

    Preventing, identifying, intercepting, neutralizing, and counteracting security attacks.

    In the arena of IT risk and threat management, Alqimi is uniquely positioned as a small company with cybersecurity expertise and experience that is both broad and deep. Years of experience in DoD and IC IT operations have given us an in-depth understanding of security products and security solutions. Our experience has also kept us on the leading edge of intercepting, recognizing, and neutralizing security attacks. We’ll work with you to first determine your vulnerabilities and risks, and then to design a program for your unique security needs and requirements.

    Count on Alqimi to handle all aspects of IT risk and threat management:

    Incident Management: Alqimi can help build, deploy, and operate successful incident-management capabilities. Properly identifying, isolating, analyzing, and responding to incidents is the key to maintaining your agency’s security posture. Our multi-dimensional approach to cybersecurity operations covers people, processes, and products. Excellent vendor relationships and the best security products in the industry help us to craft solutions for your organization’s specific security needs.

    Penetration Testing: Alqimi has performed penetration testing for the Census Bureau and other government agencies. We are uniquely staffed to perform penetration testing as an objective third party, whether as an ST&E activity requirement for your GSS and MA C&A submissions, or in response to other business drivers that result in ad-hoc requests to your IT department. We generally conduct two separate probes—an external probe of the public access firewall and an internal probe of the targeted web, application, and/or database servers. Internal probes are coordinated with system owners and performed with their full knowledge.

    Our methodology uses a sampling approach whenever possible. Depending on the vulnerabilities found, we may further probe a successfully compromised system to better characterize the vulnerability path and potential design flaws. We provide extensive reporting and documentation of our results and recommend remediation based on risk prioritization.

  • Cyber Operations

    Defensive and offensive security services for your systems.

    As technology advances and organizations rely almost exclusively on electronic data to operate, computer and network systems are increasingly under attack from threats of all kinds. Alqimi provides a wide range of services in the cyber operations area under contract with many government agencies. Our customers count on us to prevent sensitive systems from being hacked or infiltrated.

    From planning to design to operations, Alqimi is at the forefront of combating cyber terrorism and cyber crime.

    Our cybersecurity services include:

    • Network Security Analysis
    • Operating Systems Security Analysis
    • Malware Security Analysis
    • Active Incident Management

     

  • Cross-Domain Solutions

    Share and access information without compromising security.

    Alqimi has more than a decade of experience designing, developing, and deploying cross-domain solutions for the DoD and IC. Our deployment skills cover the entire range of cross-domain solutions, from one-way transfer solutions and single-email systems with attachments to print and browse-down solutions.

    We have developed, deployed, and operated PL-2 through PL-5 systems and have proscribed and executed the testing and System Security Plans (SSPs) required for these systems. We have also deployed multi-level secure solutions combined with multi-secure layer solutions and virtual desktops (or approved thin-client desktops). Many of these solutions are on the leading edge of security implementations today.

    We are ready to employ our accredited cross-domain solutions to advance your mission:

    • Multi-level secure systems
    • Multi-layer secure systems
    • Secure bulk data transfer
    • Browse-down services
    • Secure print services
    • Anonymization services
    • Misattribution services
    • Secure desktops and laptops
    • Secure wireless devices and personas