Cybersecurity & Information Assurance

CTAC provides Fedramp, agency, and industry based security services to protect your services, IT systems, and data. We specialize designing and supporting FedRamp and agency specific Certification & Accreditation (C&A), System Security Plans (SSP), and Authority to Operate (ATO).

Systems Security and Engineering

Our approach to systems engineering is focused on maintaining a secure, operational and cost-effective environment.

  • System benchmark against NIST standards and known vulnerabilities
  • Cloud vendor, operating system and software configuration best practices
  • Cost and Benefit Analysis
  • Requirements analysis and architecture design
  • Cloud migrations
  • COTS customization and implementation
  • Elastic infrastructure

We manage your virtual data center using state-of-the-art tools and services such as cloud APIs, configuration management, continuous integration and continuous deployment.

Systems Vulnerability Management

We monitor industry communication channels for zero-day, out-of-band and known threats against our customer’s environment. CTAC ensures that attack surfaces are secured and threat countermeasures are deployed according to NIST standards and guidelines.

  • Continuous monitoring of environment changes
  • Scheduled and adhoc vulnerability scans
  • Scheduled and adhoc policy scans
  • Compliance of security policies
  • Audit of inventory change control
  • Intrusion detection

Identity Management

CTAC employs various tools to maximize application and server security while minimizing cost, down time and repetitive tasks. Such tools include but are not limited to LDAP, third party single sign on (SSO) and Multi-factor authentication (MFA).

Risk Management

  • Monitoring
  • Cost analysis and recommendations
  • Security and policy compliance
  • ITIL Continual service improvement
  • Business Continuity
    • Backup and restoration
    • Disaster recovery