Cyber Security

Securing our world

Axiologic Solutions brings its passion for national security and mission success to every moment of our customer engagements. In the area of cyber security, we are the right partner to help you protect and defend your systems.

Today, all U.S. federal government agencies must follow the NIST Risk Management Framework (RMF) Special Publication (SP) 800-37 as the foundation for 1) the process for building a system, and 2) the process for conducting Assessment and Authorization (A&A) of a system, to ensure the secureness of the system and its applications before going into production. This is also required then every three to five years thereafter.

Axiologic Solutions has been performing A&A (and its predecessor Certification & Accreditation [C&A]) for over ten years. We have incorporated our experience to create the Axiologic Solutions Next Generation Assessment & Authorization Methodology – A2-TNG™. A2-TNG™ is made up of the following strategic and foundational elements:

  • DevSecOps – commonly accepted best practices
  • MLDevSecOps extension – Axiologic Solutions experience
  • DataSecOps – Axiologic Solutions experience
  • Penetration (Ethical) Testing – using commercial best practices
  • Continuous Monitoring – based on Axiologic Solutions ConMon architecture
  • Product Line Architectures – from the SEI

Addressing three primary classes of software (part of the RMF extension and optimization strategic argument):

  • Class #1 – Traditional 3GL/4GL programming language-based software that is largely deterministic in nature
    • Additional focus: data processing pipelines
    • Emerging platforms: mobile, IoT, Blockchain
    • Emerging architectures: ZTA, serverless, microservices
  • Class #2 – Software that creates and/or consumes models of various types (e.g., semantic, ML):
    • Data refinement pipelines
    • Model creation pipelines
    • Model validation
  • Class #3 – Software that emulates intelligence (assisted intelligence, augmented intelligence, or autonomous intelligence) or cognitive behavior that also shows non-deterministic behavior in support of Assisted AI, Augmented AI, or Autonomous AI