Tracen’s Mobile Cybersecurity team provides mobile security strategy, policy, assessment and maintenance in enterprise environments.
Our cybersecurity team’s key focus is ensuring mobile applications are protected from malicious attacks as well as securing access into and out of protected networks.
Our cyber security professionals provide services and solutions that ensure the confidentiality, integrity, and availability of sensitive information and deliver continuous security assurance for business and government. The following outline our core cybersecurity practices:
- Apply knowledge of DoD, NIST, and other security standards to develop, evaluate and enhance mobile security requirements, policy and tools.
- Provide information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
- Analyze policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
- Complete Application Security Development (ASD) assessments both as a regular part of product lifecycles, and on demand in support of Certification and Accreditation (C&A) events.
- Conduct source code review using static (e.g. HP Fortify, Synopsys Coverity) and dynamic (e.g., fuzzers, Burp, ZAP) assessment tools.
- Evaluate the customer’s ASD processes and procedures for compliance with DoD Cybersecurity requirements (DISA ASD STIG).
- Test discovered vulnerabilities to determine full scope and impact.
- Perform data consolidation and analysis on test results based on NIST Risk Assessment methodology (SP 800-30 rev 1), documenting the results in standardized test artifacts.
- Research appropriate technical and/or procedural recommendations to improve the security state of the customer’s products.
- Present analysis and recommendations through formal reporting, both written and verbal, to developers and senior stakeholders.