Client: U.S. Army Corps of Engineers
Category: Defense
Start Date: Sept. 30, 2016
End Date: Sept. 29, 2021
Total Value: $9,900,000.00
Total Personnel (FTE): 24.00
Work performed for the U.S. Army Corps of Engineers (USACE) Engineer Research and Development Center (ERDC) included NIST Risk Management Framework (RMF) security control assessment validation (SCA-V), evaluation, cybersecurity engineering, and compliance support. The systems and enclaves ranged in size from 10 to 10,000 IT assets and consisted of Windows 10, Windows 2008R2, 2012, Unix, Linux, network devices, databases, web servers, mail, Active Directory, firewalls, multi-function devices, or any IT capability that applies a DISA STIG or NIST 800-53 control as a security baseline. Tools used included Assured Compliance Assessment Solution (ACAS)/Nessus, DISA Security Compliance Checker (SCC), eMASS, and others. Assessments and tests of systems ranged from 1,700 to 3,000 compliance checks each.
Our validators not only identified non-compliant documentation, configurations, and security controls, but also made recommendations to the customers on how to improve their overall security and how to be compliant with DISA STIGs, NIST RMF, and other guidance. Additionally, Netizen provided pre-assessment cybersecurity engineering services as Information System Security Officers (ISSOs), Information System Security Engineers (ISSEs), and Information System Security Managers (ISSMs) for DoD customers to secure, certify, and maintain their classified (up to and including TS/SCI) and unclassified networks and systems. In these roles, our team members were embedded within each customer organization to provide daily guidance and advice on cybersecurity and compliance support operations.
All work followed U.S. Army NETCOM procedures, and our team was one of the most successful Security Control Assessment Validation (SCA-V) teams across the entire U.S. Army. It was recognized by the USACE ERDC Chief Information Office (CIO) as such. Netizen also developed custom tools to support work on this effort, including the open-source "AutoSTIG" validator tool suite, which reduced compliance checking time on certain systems from several hours to mere minutes while producing an eMASS-compatible report.