A sorted, distributed key/value store that provides robust, scalable data storage and retrieval. It adds cell-based access control and a server-side programming mechanism that can modify key/value pairs at various points in the data management process.
A powerful plugin framework for converting your functions into composable, discoverable, production-ready services with minimal overhead.
Identifies unexpected and prohibited Certificate Authority certificates on Windows systems.
CONTROL FLOW INTEGRITY RESEARCH
A proposed hardware-based method for stopping known memory corruption exploitation techniques described in the “Hardware Control Flow Integrity for an IT Ecosystem” research paper.
General purpose ingest and query framework that leverages Apache Accumulo to facilitate persistence, indexing, and retrieval of both structured and unstructured textual objects.
A program that reduces the timespan needed for making a forensic copy of hard drives for forensic analysis.
Emissary is a P2P based data-driven workflow engine that runs in a heterogenous possibly widely dispersed, multi-tiered P2P network of compute resources.
A web enabled prototype tool that implements the Open Checklist Interactive Language (OCIL) capabilities for creating, managing, and responding to questionnaires.
An indexing and search system for queries on sequences of bytes that offers lightning-fast searches on data of arbitrary formats.
Ghidra is a software reverse engineering (SRE) framework that helps analyze malicious code and malware like viruses.
An easy to use and portable Virtual Private Network system built with Linux and a Raspberry Pi 3.
Provides network situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security.
Log-based transactional graph database engine backed by a single file. The primary use case is to support streaming seed set expansion, iterative correlation, and recursive file processing.
A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 IA mitigation strategies.
Assesses the security state of an ARM-based device by examining the system register interface of the processor.
NB Gallery is a publishing, sharing, and collaboration platform for Jupyter-based analytics.
Automates the flow of data between systems. NiFi implements concepts of Flow-Based Programming and solves common data flow problems faced by enterprises.
Radically simplifies the operation of enterprise networks with SDN applications that reside on top of an OpenFlow-capable network controller.
Manages and standardizes existing commercial hard drives.
Verifies system integrity by establishing a baseline measurement of a system’s Trusted Platform Module (TPM) and monitors for changes in that measurement. Originally based on NSA’s Host Integrity at Startup (HIS) software.
A modular suite of “plug and play” services and capabilities, allowing organizations to customize the suite to meet their specific environments.
Couples corporate object storage capabilities with a flexible policy language for customization of access control, retention, and storage of data within the same system.
A software-defined radio (SDR) framework designed to support the development, deployment, and management of real-time software radio applications.
Measures the degree to which specific aspects of the top 10 IA mitigation strategies have been deployed on Windows systems.
SCAP SECURITY GUIDE (SSG)
Delivers security guidance, baselines, and associated validation mechanisms using the Security Content Automation Protocol (SCAP) for hardening Red Hat products.
SECURE HOST BASELINE (SHB)
Group Policy Objects, configuration files, compliance checks, and scripts that support implementing the DoD Secure Host Baseline for Windows 10.
SECURITY-ENHANCED LINUX (SELINUX)
A mandatory access control mechanism in the Linux kernel that checks for allowed operations after standard discretionary access controls are checked. It can enforce rules on files and processes in a Linux system, and on the actions they perform, based on defined policies. SELinux has been part of the Linux kernel since version 2.6.0.
SECURITY ENHANCEMENTS FOR ANDROID (SEANDROID)
Confines privileged processes based on security policies by enforcing mandatory access control over all Android processes. SE for Android has been part of Android since Android 4.3.
SIMON AND SPECK
The Simon and Speck families of lightweight block ciphers.
SYSTEM INTEGRITY MANAGEMENT PLATFORM (SIMP)
Automates system configuration and compliance of Linux operating systems so they conform to industry best practices.
Provides a mechanism for network defenders, security professionals, and decision makers to quantitatively measure the effectiveness of their security posture.
An architecture for processing metadata designed to take in a set of streaming events from multiple sources, process them through a set of modules, and return meaningful outputs.
Retrieves the definitions of Windows Event Log messages embedded in operating system binaries.