Cyber Security

Securing our world

Axiologic Solutions brings its passion for national security and mission success to every moment of our customer engagements. In the area of cyber security, we are the right partner to help you protect and defend your systems.

Today, all U.S. federal government agencies must follow the NIST Risk Management Framework (RMF) Special Publication (SP) 800-37 as the foundation for 1) the process for building a system, and 2) the process for conducting Assessment and Authorization (A&A) of a system, to ensure the secureness of the system and its applications before going into production. This is also required then every three to five years thereafter.

Axiologic Solutions has been performing A&A (and its predecessor Certification & Accreditation [C&A]) for over ten years. We have incorporated our experience to create the Axiologic Solutions Next Generation Assessment & Authorization Methodology – A2-TNG™. A2-TNG™ is made up of the following strategic and foundational elements:

Traditional A&A as defined by the Risk Management Framework (NIST SP 800-37) and FISMA – as the baseline
RMF extended for ML and AI including doing ML at enterprise scale – from the AXL corporate research and commercial work on how to do ML and AI at enterprise scale
Best practice elements of C&A and DIACAP – pre-2018
Modernization and optimizations to A&A – from the Axiologic Solutions experience, and other research

DevSecOps – commonly accepted best practices
MLDevSecOps extension – Axiologic Solutions experience
DataSecOps – Axiologic Solutions experience
Penetration (Ethical) Testing – using commercial best practices
Continuous Monitoring – based on Axiologic Solutions ConMon architecture
Product Line Architectures – from the SEI

Addressing three primary classes of software (part of the RMF extension and optimization strategic argument):

Class #1 – Traditional 3GL/4GL programming language-based software that is largely deterministic in nature
- Additional focus: data processing pipelines
- Emerging platforms: mobile, IoT, Blockchain
- Emerging architectures: ZTA, serverless, microservices
Class #2 – Software that creates and/or consumes models of various types (e.g., semantic, ML):
- Data refinement pipelines
- Model creation pipelines
- Model validation
Class #3 – Software that emulates intelligence (assisted intelligence, augmented intelligence, or autonomous intelligence) or cognitive behavior that also shows non-deterministic behavior in support of Assisted AI, Augmented AI, or Autonomous AI

ADDITIONAL RESOURCES

Cyber Security | Specializations | Representative Work | Related Service Areas

Career Opportunities

Cyber Security

Securing our world

ADDITIONAL RESOURCES