QSMO Services - Security Continuous Monitoring


Services that help monitor information systems and assets to identify cybersecurity events and verify the effectiveness of protective measures. Select the services and agency provider logos below to contact service providers directly and learn more about how to obtain these services.

Cyber Threat Hunt Assessment

Provider: DOJ

DOJ's Cyber Threat Hunt Assessment provides agencies with the ability to proactively search through networks and systems to identify threats that have already bypassed network defenses and established a foothold. Attackers may remain in networks for months, collecting data, searching for confidential material, and moving laterally to execute their objectives. DOJ's Cyber Threat Hunt Assessments deliver an essential component of an agency's cyber defense strategy – namely the detection capabilities needed to stop these advanced threats from attacking and remaining in the network.


Information System Security Officer (ISSO) Continuous Monitoring

Provider: HHS

This Continuous Monitoring service conducts annual assessments of subset security controls; reviews system-level reports, audit logs, and vulnerability scan reports; reviews/updates system security documentation; and conducts annual contingency planning table-top testing.

Security Consultation Services (SCS) Continuous Monitoring

Provider: HHS

This Continuous Monitoring service conducts annual assessments of subset security controls; reviews system-level reports, audit logs, and vulnerability scan reports; reviews/updates system security documentation; and conducts annual contingency planning table-top testing.

Security Monitoring

Provider: HHS

This Security Monitoring service includes remediation scanning/quarterly scanning; an annual assessment when applicable; and Security Control Assessments for system accreditation.

Security Operations Center as a Service (SOCaaS)

Provider: DOJ

DOJ's SOCaaS delivers 24x7x365 threat monitoring, detection and incident response, threat intelligence, and cybersecurity investigations to customers via the Justice Security Operations Center (JSOC). The JSOC leverages a combination of technologies, analytics, and specialized skills to enable rapid detection, analysis, and investigation of incidents. Agencies benefit from DOJ's end-to-end SOC capabilities that adhere to the DHS Cybersecurity and Infrastructure Security Agency (CISA) guidelines for SOC shared service providers. Our client-centric service is tailored for the agency and includes personalized onboarding and ongoing support. Capabilities include:

  • Cyber threat intelligence
  • Network and system monitoring
  • Incident response
  • Cyber hunt
  • Logging-as-a-Service
  • Managed Security Information and Event Management (SIEM)
  • Client portal for metrics and dashboards
  • SOC resilience
  • Forensics
  • Onboarding and customer support

Vulnerability Management - Vulnerability Scanning, Analysis, and Reporting

Provider: DOJ

DOJ offers both ongoing and ad hoc vulnerability scanning to help customers detect databases, operating systems, applications, web applications, and endpoints that may be vulnerable to attack while understanding the nature of the vulnerabilities. DOJ does not provide patching or flaw remediation, but DOJ collaborates with customers to ensure the outputs of vulnerability scans support flaw remediation efforts and provide recommendations for remediation of vulnerabilities. Capabilities include:

  • Vulnerability tools and scanning
  • Compliance scanning
  • Expert analysis and reporting
  • Ongoing vulnerability management
  • Ad hoc vulnerability assessment
