|
|
||||
|
||||||
|
|
|
|
|
ServicesAt EWA, we are proud to provide cutting edge solutions in today’s world. Scroll through this page to browse our available services, or simply click the area of interest below. 24/7 Operations Center Management IIT has a proven approach to the design, development, and operation of customized command, control, and security centers effectively applying the most up to date communications, data management, and information visualization technologies. Our personnel, facilities, and communications are cleared at a Top Secret Level. To request more information, click here. Applied Semantic Technologies & Services Semantic automation is the process of determining and using meaning from natural language and unstructured text based information and making this information useful to humans and machines. EWA has processes in place and technology available that can help you deal with the information overload and interoperability challenges, particularly when dealing with unstructured text-based information. EWA can assist clients in applying the latest technology to determine meaning, concepts and themes of interest from unstructured text and related information. EWA has applied this technology in both the government and commercial sectors. Click here for more information from the corresponding EWA operating unit's website. Under the Blackhawk brand, EWA offers customer services in all areas of hardware design, software development, embedded emulation, and consulting. Click here for more information from the corresponding EWA operating unit's website. CanCERT™ is Canada’s first national Computer Emergency Response Team. CanCERT™ is a trusted center for the collection, analysis and dissemination of information related to networked computer threats, vulnerabilities, incidents and incident response for Canadian governments, businesses and academic organizations. Click here for more information from the corresponding EWA operating unit's website. IIT provides assistance to organizations in responding to and surviving information technology emergencies through collaboration with national and international teams to identify malicious activity at the earliest opportunity. We offer a range of information protection services to provide clients with the latest threats, vulnerabilities, and countermeasures relevant to their infrastructure and business sector. Click here for more information from the corresponding EWA operating unit's website. Common Criteria Product Evaluation EWA-Canada can test and evaluate products through Common Criteria Level 4. The Common Criteria process can be a lengthy and complex endeavor. Selecting an experienced, accredited testing facility can play a key role in ensuring a successful, cost-effective evaluation. The EWA-Canada IT Security Evaluation & Test Facility (ITSET) provides a full complement of capabilities that support all facets of the CC process. Click here for more information from the corresponding EWA operating unit's website. Network and host-based cyber forensics involve situations where data is stolen, or network misuse warrants further investigation and potential law enforcement involvement. As a key law enforcement support function, IIT has extensive experience with forensic analysis, evidence preservation, incident reconstruction, and data recovery. Click here for more information from the corresponding EWA operating unit's website. Critical Infrastructure Protection Critical Infrastructures are those systems that are necessary to the minimum operations of the economy and government, such as the water supply, food supply, transportation, oil and gas production, banking and finance, electrical generation, health and emergency services. Critical Infrastructure Protection refers to activities for protecting these systems and facilities. IIT offers a range of services to help protect the people, physical entities, and cyber systems essential to national security, public health, and economic stability against a host of natural and man-made threats. Click here for more information from the corresponding EWA operating unit's website. EWA provides a full suite of electronic warfare (EW) services. Our expertise includes: radar and communications, including electronic support measures (ESM), electronic countermeasures (ECM) and electronic counter-countermeasures (ECCM); EW operational support, including EW threat analysis, database programming; electro-optics; and the development of various technical software applications and data bases. Click here for more information from the corresponding EWA operating unit's website. Federal Information Processing Standard (FIPS) 140-2 specifies the security requirements which must be met in order for products to be validated under the Cryptographic Module Validation Program (CMVP). The CMVP is a joint program between the US National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC). These two organizations oversee the validation of products and/or cryptographic modules to the FIPS 140-2 standard. The EWA-Canada IT Security Evaluation & Test Facility (ITSET) provides a full complement of capabilities that support all facets of the FIPS 140-2 process. Click here for more information from the corresponding EWA operating unit's website. Homeland Security, which herein encompasses Homeland Defense and Civil Support, requires the cooperation of three major entities: the federal government to provide intelligence and long-range interdiction; the private sector to provide immediate protection of its assets; and state and local municipalities to provide first responder capabilities. Each of these comes with its own distinctive challenges. IIT’s skilled personnel develop and enhance Anti-Terrorism (AT) plans, programs, and capabilities. We assess impacts and effects of Weapons of MASS destruction (WMD) and teach mobile analytical laboratory system operations for WMD response. With dedicated personnel experienced in strategic planning, information and intelligence sharing, risk management, vulnerability assessments, consequence management, and first responder training, IIT is ideally suited to help tackle the challenge, of homeland security. Click here for more information from the corresponding EWA operating unit's website. IIT provides a cost-efficient strategy for dealing with network security incidents. We have demonstrated expertise in designing Computer Incident Response Facilities and Teams, and can assist in building your team, to include development of technical and procedural policies and provide training resources. We also offer remote assistance and on-site incident analysis and recovery services. Click here for more information from the corresponding EWA operating unit's website. Defined as actions taken to influence, effect, or defend information systems and decision-making, Information Operations (IO) are comprised of specific capabilities to include Electronic Warfare (EW), Operations Security (OPSEC), Psychological Operations (PSYOP), Military Deception, Computer Network Operations (CNO), Destruction, Public Affairs (PA), Civil-Military Operations (CMO), Military Support to Public Diplomacy (MSPD), and Concepts of Operations (CONOPS). Our personnel prepare CONOPS for: Information Operations; WMD (Weapons of Mass Destruction) response teams and task forces; Joint Operation Centers; law enforcement operations; interagency training, education, and operations. IIT trains the National Guard Civil Support Teams and National Guard CBRNE Enhanced Response Forces. Our personnel has wide-ranging experience in the identification and defeat of Improvised Explosive devices (IED).We develop statewide capabilities and coordinate massive operations integrating local, state, and federal law enforcement including supporting Border Security operations and intelligence. IIT provides training and exercises in Hazardous Material Response, Handling, and Decontamination. We evaluate and enhance Emergency medical Services (EMS) response for mass casualty. IIT has extensive experience supporting each of these capabilities. IIT is the sole developer and trainer for the VS, Army’s Functional Area 30, and Information Operations training. We have trained all FA30 officers – over 600. Click here for more information from the corresponding EWA operating unit's website. Information accessibility, integrity, and sharing represent critical foundations of the National Homeland Security Strategy. Information fusion - tying together the appropriate pieces of information from multiple sources and providing that information quickly, securely, and confidentially to operations personnel who may then act upon it - is essential for detecting, preparing, preventing, protecting, responding, and recovering from crisis events. Incorporating the concepts of Information Operations allows IIT to gain and maintain information superiority for its clients, a condition that allows leaders to seize, retain, and exploit the initiative in a crisis event, facilitating more effective decision making and faster execution. Click here for more information from the corresponding EWA operating unit's website. IIT provides information assurance and system security support services to military, government, and commercial clients. Designed to work within customers’ existing IT infrastructures, our services provide value through our hands-on involvement with the technologies at the heart of today’s complex information systems. IIT has designed, tested, installed, and evaluated some of the most complex systems in the world. Click here for more information from the corresponding EWA operating unit's website. Information Technology Security Training EWA has developed and provided IT Security training in a number of areas. Most of these courses are still offered to clients on an as required basis, and have been most recently offered to financial sector clients, the US National Guard, and international clients. Product vendors have often requested tailored courses to ensure their staff understand the impact of changes in standards and how these changes could impact their future business plans and product roadmap. Click here for more information from the corresponding EWA operating unit's website. IIT provides support in the development, implementation and management of intelligence programs for the National Intelligence Community. IIT supplies direct 24 hour time-sensitive intelligence support to CENTCOM, SOCOM and JSOTF. We provide a robust, web-based Advance Geospational Intelligence (AGI) and Measurement and Signatures Intelligence (MASINT) Reporting and Dissemination (AMRDS) capability to the Army National to Tactical (NTT) Program. IIT personnel deliver full spectrum (intelligence cycle) support to S&TI MASINT (requirements definition through product dissemination). Our skilled personnel support SIGINT Architecture Planning, provide Geospatial Information Systems (GIS) analysis and All-Source analysis. Directly, we support the Army, INSCOM TROJAN program. This includes support in the development of INSCOM TROJAN POM and TROJAN system deployments and accreditations. Our intelligence personnel provide senior level staff support at all levels from Army Staff through MI Brigades including budget analysis, preparation, submission, and defense. Our skilled personnel provide the resources and tools to help collect and analyze accurate and up-to-date information. Click here for more information from the corresponding EWA operating unit's website. Homeland Security Presidential Directive 7 (HSPD-7) calls for the creation of private sector Information Sharing and Analysis Centers to protect United States critical infrastructures from attack, ninety-five percent of which are privately-owned. On a 24/7 basis ISACs collect and analyze information pertinent to their industry and focus on those incidents, threats and activities that most affect that industry. ISACs help identify critical infrastructure and the impacts of its loss or degradation. Filtering information from the global information environment by the threats and infrastructure vulnerabilities permits ISAC analysts to focus their efforts and helps the industry to prioritize the application of limited security resources.
Click here for more information from the corresponding EWA operating unit's website. EWA provides its clients with a powerful suite of Managed Security Services. Policy Management Enforcement, IDS/IPS Monitoring, VoIP/Telephony Security plus PKI Certificate Authority (CA) design development and operation are all available. Our expert security analysts provide you with peace of mind, 24/7, 365 days a year. Protecting your network and corporate assets is our highest priority and our unique combination of tools and expertise sets us apart from all others. As a Trusted Third Party (TTP), our clients can rest assured that their critical systems are our primary concern. Click here for more information from the corresponding EWA operating unit's website. National and International Trading Services Fowler Trading Company, Inc. operates in the international market buying and selling materials, technology and technology-related products. Fowler Trading Company, Inc. buys and sells for its own account, as well as acting as a broker for prospective buyers. To request more information, click here. Today’s hackers are smarter, faster, and harder to track than ever before. Penetration testing, sometimes referred to as Internet security auditing, network security assessment, or ethical hacking, involves using a trusted third party to perform penetration assignments to ensure that the organization maintains an effective barrier against a myriad of potential threats. It takes an expert to recognize what a skilled hacker can do. IIT’s penetration testing team has the experience and tools to yield high quality results. Our team researches the latest security issues, technologies, vulnerabilities and exposures, and uses this information to develop practical penetration tests, using an extensive suite of open source testing tools. Our testing approach is designed to provide our client’s with an accurate assessment of their security issues and needs and enables them to stay far ahead of individual hackers and organized cyber attack teams. IIT’s penetration testing methodology is both unobtrusive and ongoing. Testing is performed at random times throughout each cycle: business hours, nights, weekends, holidays, and peak hours. Significant time has been dedicated to ensuring that penetration testing does not slow down a network. In many instances, clients’ firewalls, IDS’ and other software have been completely unaware of the penetration testing. This allows IIT to test for security gaps that are more likely to appear during heavy traffic periods, without reducing client network response time. Click here for more information from the corresponding EWA operating unit's website. Payment Assurance Certification Support and Testing EWA-Canada has been conducting compliance and certification testing for payment terminals since 2003. EWA-Canada’s Payment Assurance Lab provides a complete offering of Certification Testing and Pre-Certification Assessment Services targeted for the Canadian, U.S. and global markets. EWA-Canada is independently PCI Accredited by Visa, MasterCard and JCB internationally, as well as Interac® in Canada, to provide these services for PIN Entry Devices (PED), Encrypting PIN Pads (EPP), Unattended Payment Terminals (UPT), Smart Cards and, network devices used in transaction networks. Our testing and certification services are recognized by a broad range of payment schemes and associations:
Click here for more information from the corresponding EWA operating unit's website. The ultimate verification of a potential vulnerability is to actually exploit it to compromise the system under test, and EWA is a recognized leader in conducting successful penetration tests. Our experience covers the full range of penetration testing from sophisticated penetration testing of core security technologies using custom-developed exploits to successful no-knowledge penetration tests of networks to “capture the flag” using a variety of technical and social engineering techniques. We also conduct penetration testing against specific technologies and network nodes, including the development of custom exploits, given full knowledge of system design, configuration and functions. We follow a systematic methodology to conduct penetration testing, and we work with our clients to ensure the proposed test approach and risks are understood prior to any testing being conducted, and that an exit criteria is negotiated and agreed upon (e.g. ability to read a specific file, ability to create or modify a database record, etc.). To request more information, click here. In a world increasingly dependent on information technology, concerns about the lack of security online and the potential loss of privacy are paramount. IIT professionals provide privacy PKI and related services that secure communications, to help ensure the privacy of our clients' valuable online information. Click here for more information from the corresponding EWA operating unit's website. IIT provides comprehensive program management services to government, military, and private sector clients. Whether managing a multi-disciplinary program or single project, IIT professionals combine subject matter expertise and technical resources to accomplish our clients' goals. Our services encompass all phases of a given project to include strategic planning and budgeting, design and development, training, on-site management and staff support, implementation and execution, documentation, and evaluation. Click here for more information from the corresponding EWA operating unit's website. IIT will work with you to implement an intrusion detection solution that will provide daily coverage of your network. We ensure reporting and incident analysis, provide you with an identification of the malicious activity, and recommend immediate actions to protect critical systems. Click here for more information from the corresponding EWA operating unit's website. Risk Management Our approach to risk assessments and risk management strategies include research to confirm our understanding of policies, operations and procedures, interviews using a pre-defined questionnaire to categorize types of client sensitive information holdings, a comprehensive review of the IT network security architecture to identify compliance issues, and the tailored implementation of best practices relating to security incident alerting, reporting and assessment guidelines. Our risk management services have been developed to assist our client in establishing a comprehensive framework while providing a format that integrates with existing risk management activities, and that is simple to implement, comprehend, and utilize for all stakeholders. We have covered the full range of vulnerability and penetration testing from routine testing of networks and web sites for vulnerabilities, through sophisticated penetration testing of core security technologies using custom-developed exploits, to successful no-knowledge penetration tests of networks to “capture the flag” using a variety of technical and social engineering techniques. Click here for more information from the corresponding EWA operating unit's website. Risk Management Planning and Implementation Risk management is the continuous process of selecting, implementing, and monitoring countermeasures to maintain an acceptable level of risk at an acceptable cost. IIT begins the process with an assessment of an organization’s critical assets and the impact of their degradation, their vulnerability to exploitation, and the nature and likelihood of specific threats. This information is used to identify and evaluate risks and develop effective countermeasures to reduce that risk. Click here for more information from the corresponding EWA operating unit's website. SCAP Testing The Security Content Automation Protocol (SCAP) is a method for using a standards-based approach to automate vulnerability management, measurement and policy compliance evaluation. SCAP comprises the following set of open standards that address identification of software vulnerabilities, platforms and security relevant configuration issues; methods for determining the presence of vulnerabilities or other issues; and methods for assigning a score to discovered security issues in order to rank their severity and impact. As a fully accredited SCAP Test Lab, EWA-Canada can offer efficient and cost-effective help to our clients in obtaining certification of their products to any of the SCAP standards or SCAP capabilities. Click here for more information from the corresponding EWA operating unit's website. Software Engineering Services Software architecture, design and programming in all languages from machine higher level programming languages to include: C++, C-Sharp, .Net, SQL. To request more information, click here. System Security Engineering EWA provides a wide range of Systems Security Engineering consulting services that rely on a combination of people, processes and technology to define the requirements and ensure delivery of the right solution. Systems Security Engineering describes our strengths in systems engineering and Operational Concept Definition which encompass typical systems engineering activities related to small and large systems comprised of various technologies as well as security engineering which encompass the full “prevent, detect, analyze, and respond” cycle of activities. Click here for more information from the corresponding EWA operating unit's website. Systems Architecture and Integration IIT's deep understanding of system componentry and design enables us to analyze and diagnose varied systems environments including infrastructure, client/server, wireless, and remote access to ensure well structured and efficient systems. Click here for more information from the corresponding EWA operating unit's website. Testing and Evaluation Through extensive exposure to information technologies ranging from simple access control systems to the most complex incident modeling and logistic support networks, IIT operates an internationally recognized IT security Evaluation and Test laboratory. Services include pre-evaluation consulting, product evaluations based on ISO 15408 Common Criteria Standards, and cryptographic validation and testing to the FIPS 140 standards. Click here for more information from the corresponding EWA operating unit's website. Threat and Vulnerability Analysis As part of our unique focus on managing business and information related risk, IIT works with organizations to examine the threats they face and to analyze their unique vulnerabilities. The primary objectives of a vulnerability assessment (VA) are to provide information on the security and operational posture of a military unit or commercial enterprise to improve mission capability, and to protect proprietary technology/information by identifying Information Operations (IO) vulnerabilities in some or all of the following areas:
After analyzing the current situation and risk from all perspectives (people, processes, technology), the IIT team will produce a detailed report, complete with recommendations to address all findings. Customers may then rely on IIT for all security process reengineering, infrastructure improvement, training and implementation needs. Click here for more information from the corresponding EWA operating unit's website. Training and Certification IIT training and certification programs provide organizations with the tools to identify gaps in internal stakeholder awareness, design organization specific solutions, and measure results. Using extensive knowledge sharing and information transfer experience, and through experience with learning techniques and methodologies, IIT designs training programs that maximize knowledge transference, information retention, and education return on investment. IIT has a full range of capabilities to develop and deliver training and education including, technical training and college and advanced degree education. A full spectrum of delivery techniques is available, from individualized platforms to the most sophisticated interactive web-based methods. Click here for more information from the corresponding EWA operating unit's website. Please see our current offerings, listed below:
|
|
|
