• Print

Cybersecurity

Saalex Solutions (Saalex) provides information technology (IT) services and Cybersecurity solutions for several government and defense operations nationwide. We ensure continuity of operations with services such as continuous monitoring, evaluating critical security controls, penetration testing, vulnerability scanning, security operations center (SOC) monitoring, data transport modeling, artificial intelligence applications and advanced persistent threat (APT) interdiction technology.

Saalex provides assessments and offers security roadmap recommendations for robust cybersecurity risk management plans. This includes preventative measures against cyber threats such as zero-day attacks and APTs. In order to keep federal agencies in alignment with NIST compliance standards, a defense in depth approach is highly recommended by security experts. This cloud-based threat analytics system delivers comprehensive feedback from each security layer, providing automated scanning of network assets, analysis of traffic and data to reveal potential threats and centralized controls. We recommend the following elements of an integrated cybersecurity plan to secure and protect any organization’s IT infrastructure.

SIEM/SOC

Saalex provides many organizations with Security Information and Event Management (SIEM) technology to proactively respond and mitigate potential cyber breaches before they inflict irreparable damage. Key features of SIEM include the ability to collect network forensics data, safeguard data storage and automate the creation of regulatory reports to ensure corporate and government compliance. SIEMs aggregate relevant data logs from multiple sources and identify anomalies, enabling IT staff or SOC personnel to take appropriate and immediate action. Having a professionally monitored SIEM in place with 24/7/365 SOC monitoring provides a comprehensive view across your IT infrastructure and enhances your network security posture.

Security, Compliance & Regulations

Saalex has been compliant with the National Institute of Standards and Technology, NIST 800-171 since December 2017.  Achieving NIST 800-171 compliance requires a thorough security assessment of our networks, processes and procedures to comply with required security policies. Saalex continues to monitor our networks, and review mandated policies to maintain compliance, demonstrating our commitment to security for our customers and ourselves.

Defense Federal Acquisition Regulation Supplement (DFARS) has mandated minimum security standards in the NIST Special Publication 800-171 “Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.” Any organization that deals with controlled unclassified information (CUI) must comply with NIST 800-171, created specifically for non-federal information systems to secure government data.

Any organization that processes, stores or transmits federal contract information must provide evidence of security protections and compliance or risk the loss of contract awards and the ability to compete for future awards. Contractors and subcontractors must demonstrate “adequate security” as specified by NIST 800-171 and have cyber-incident policies and procedures in place that meet the DFARS requirements.

Threat Response

Saalex ensures organizations have all the necessary incident management policies and procedures in place before it’s too late. Preparation ensures that an incident management team is ready to act quickly at all phases of an incident, limiting potential damage while efficiently restoring operations. Smart organizations establish a return time objective (RTO), which outlines their recovery goals for a range of incidents, from natural disasters to data breaches.

Backup and Monitoring

Every organization needs to have a robust disaster recovery and data protection plan in place to deal with aggressive cybercriminal attacks and unexpected natural disasters. Leveraging next-gen technology such as SIEM/SOC Monitoring as a Service (Soc-as-a-Service) and Web Application Firewalls (WAF), Saalex helps to identify, halt and remediate cyberattacks with an industry-leading 15-minute service level agreement (SLA) for cyber-event notification.