RED TRIDENT INCORPORATED
Corporate Capability Brief
Q2 2017
Mike Van Chau
Business Development / Cyber Security Consultant
[email protected]: 832-707-2693
www.redtridentinc.com
Our Mission
Provide cyber security and automation solutions for protecting and securing our Nation’s critical infrastructure.
Corporate Leadership
• Red Trident Inc. is a Service Disabled Veteran Owned Small Business (SD-VOSB) dedicated to providing solutions to potential problems that could either impact an organization’s ability to operate or threaten critical infrastructure
• Over 20 years of Operational Technology (OT) and Information Technology (IT) Cyber Security Expertise (Engineering, Design, Architecture, Programmatic Implementation, Incident Management, Operational and Situational Awareness)
• Experience with classified and unclassified Department of Defense and NASA Projects
• Exceptional performance in cyber security and industrial control systems automation in DoD, Oil & Gas (upstream, midstream, downstream), Utility, Chemical, and Heavy Manufacturing
Tony Gore, CEO
Emmett Moore, COO
Guiding Principles
• Our Vision is to revolutionize the ICS markets of the world with advanced cyber solutions
₋ We are advancing industrial technologies to defend against global threats
₋ We implement resiliency for critical infrastructure to enable safer and more secure operations
• What sets us apart?
₋ Our leadership team of veterans and highly experienced professionals has a passion for the larger mission of protecting society and the local economy
₋ People count on us to be responsible with their investments and sensitive to their business processes
₋ We build long-term relationships and partner with our clients
• How do we achieve long-term success?
₋ By having deep technical understanding of both the OT and IT environment in multiple sectors
₋ Through agility and the highest level of quality with our services and solutions
Technology Expertise
Red Trident is vendor agnostic, but well versed in leading IT and OT products and platforms including:
• Siemens, Rockwell Automation, Schneider Electric, ABB, GE, Emerson, Honeywell, Bedrock Automation, etc.
• Palo Alto, Cisco, Ixia, Fortinet, Juniper, Tofino, Tripwire, 3ETI, OSIsoft, Kepware, etc.
• AlienVault Unified Security Management Platform, Splunk, IBM QRadar, Nitrosecurity, Claroty, Indegy, etc.
• White Cloud Security, Cylance, RiskSense, Metasploit, etc.
• Over 100 COTS and Open Source (passive and active) pen testing, vulnerability scanning, monitoring, logging, correlation, and forensics tools
• Proprietary technologies and platforms internally developed and integrated using middleware, COTS and open source tools (e.g. Cloud Computing, Big Data, IoT, and IIoT)
Technology and Community Ecosystem (Work in Progress)
Service Categories
Operational Efficiency
Automation
IT / OT Security
RF Engineering
Research & Development
Critical Infrastructure
• Energy
• Oil & Gas
• Chemical
• Manufacturing
• Robotics
• Data Centers
• Aerospace
• Transportation
• Healthcare
• Financial
Cyber Security
• Operations Technology
• Information Technology
• Internet of Things (IoT)
• Industrial Internet of Things (IIoT)
• Building Management Systems
• Perimeter Security Systems
• HVAC, Water, and Power Distribution Systems
Cyber Security for ICS, SCADA, IT, IoT and IIoT
• Security Assessments
• Security Program Development
• Security Architecture
• End Point Security
• Network Security
• Compliance Audits
• Incident Management
• ICS Cyber Security Training
• IT & OT Cyber Product Training
Cyber Security Operations Center Services
• Managed Security Services
• SIEM Configuration
• Network Appliance Log Integration
• Alarm Management and Notification
• Continuous Monitoring & Incident Response
• Continuous Compliance Reporting
• Threat Intelligence
• Compliance with NIST 800-82, IEC-62443 and NERC CIP
Automation Engineering & Virtualization
• 24/7/365 support
• ICS/HMI/SCADA Design
• Panel Design and Fabrication
• Control System Migration
• Control System Architecture Design
• Control Systems Virtualization & Management
• Adaptive and Advanced Analytics
• General Contractor Project Mgmt.
• SAT and FAT
Industrial Network Architecture & Implementation
• Cable planning, installation and demolition
• Firewall, router, switch management and configuration
• Network architecture and wireless networking 802.1x
• Server and PC design, build and support
• Robotic Manufacturing
RF Engineering Solutions & Services
• Wireless backhaul networks
• Full RF spectrum analysis and engineering
• FCC filings
• Point to Point Networks
• Point to Multi-Point Networks
• Static and Dynamic Mesh Networks
Research & Development
• Vulnerability Research
• Cyber Security Product Development
• Training Mission Simulator
• Cyber Range Engineering
• Cyber Range Testing
• Vendor Product Assessments
Process Automation (OT)
Cyber Security
Operational Efficiency is our Primary Goal
We implement Predictive, Preventative and Reactive Controls
• Process and Operational Optimization
• Quantitative Risk Assessments
• Reduction of Process Control Upsets
• Testing Equipment and Architectures in our Cyber Range
• Disaster Recovery, Return to Service and Business Continuity Planning
• Mitigation of Security Risks and Compromises
• Automated Asset Mgmt.
Cyber Security Capability Maturity Model
We facilitate the development and implementation of an integrated security program while maximizing the return on investment
Cyber Security Operations Center Services
Our Cyber Security Operations Center consolidates the critical tasks of monitoring, detecting and responding, along with engineering, implementation and maintenance, to effectively protect against cyber threats.
Red Trident CSOC Services Goals
• Simplify how organizations detect and mitigate threats
• Enable organizations to benefit from the power of actionable threat intelligence & unified security
• Provide the perfect, affordable fit for organizations with limited budgets, in-house resources, and broad expertise
• Integrate Red Trident OT solutions with the USM platform as a Certified Managed Security Services Partner (MSSP)
Cyber Security Operations Center Platform Capabilities
ASSET DISCOVERY
• Active & Passive Network Scanning
• Automated Asset Inventory & Security
• Software Inventory
VULNERABILITY ASSESSMENT
• Continuous Vulnerability Monitoring
• Authenticated / Unauthenticated Passive and Active Scanning
• Remediation Verification
BEHAVIORAL MONITORING
• Netflow Analysis
• Service Availability Monitoring
SIEM
• Log Management
• OTX threat data
• SIEM Event Correlation
• Incident Management
INTRUSION DETECTION
• Network IDS
• Host IDS
• File Integrity Monitoring
Essential and Unified Security Controls
An All-in-One Approach to Threat Detection
Unified Security Management (USM) Platform
• A single platform for simplified, accelerated threat detection, incident response & policy compliance
AlienVault Labs Threat Intelligence
• Actionable information about malicious actors, their tools, infrastructure and methods, automatically updated into the USM platform
Open Threat Exchange
• The world’s largest repository of threat data provides a continuous view of real time malicious activity
Actionable Threat Intelligence: We do the Work!
• Automatically detect and prioritize threats through:
₋ Correlation Directives
₋ Network IDS Signatures
₋ Host IDS Signatures
₋ Asset Discovery Signatures
₋ Vulnerability Assessment Signatures
₋ Reporting Modules
₋ Incident Response Templates
₋ Data Source Plug-Ins
• Spend your time responding to threats, not researching them.
Open Threat Exchange (OTX)
• The world’s first truly open threat intelligence community that enables collaborative defense with actionable, community-powered threat data
• With more than 37,000 participants in 140+ countries
• And more than 3 million threat indicators contributed daily
• Enables security professionals to share threat data and benefit from data shared by others
• Integrated with the USM platform to alert you when known bad actors are communicating with your systems
AlienVault Technology Partners
• Zscaler
• FireEye
• Sophos
• IBM
• RedHat
• Cisco
• Carbon Black
• Barracuda
• WatchGuard
• F5
• Fortinet
• Microsoft
• 360
• Juniper Networks
• Eset
• Palo Alto Networks
• Blue Coat
• Apache Software Foundation
• CheckPoint
• Forcepoint
• Extreme Networks
• McAfee
• HP
• Cro
• Citrix
• Oracle
• Dell
• Trend Micro
• Symantec
• Linux
• Imperva
• Panda Security
• SonicWall
AlienVault OTX Partners
• Intel Security
• Hewlett Packard Enterprise
• 8ack
• Carbon Black
• Blueliv
• Brinqa
• Cegeka
• Centripetal Networks
• Cloudmark
• Columbus Business Solutions
• DataGravity
• Global Cyber Alliance
• GoGrid
• Immediate Insight
• Kenna
• NetFlowLogic
• NIDDEL
• NOPSEC
• Onsight
• RiskSense
• SpiceWorks
• Telefonica
• ThisData
• ThreatStop
• ThreatStream
• 360
• Ziften
• Zscaler
Deployment Options to Fit Your Needs
• On-premise, in the cloud, or through Red Trident’s MSSP Offering
• Physical or virtual appliances for on-premise
• Choose All-in-One or separate components
All-in-One Appliance
Separate Sensor, Server, and Logger components
Security Platform Extended through Next Gen Firewalls
Operational Efficiencies
Managed Services
Endpoint Security
Continuous Monitoring
ICS Security Program Development & Implementation
ICS Security
Process and Workflow Automation
Threat Hunting
Incident Management & Response
Tiers of Incident Management
Incident Management, which includes Incident Response, employs elements from:
• NIST 800-61 (IR Handling Guide)
• NIST 800-82 (ICS Cybersecurity)
• NIST 800-83 (Malware)
• NIST 800-86 (Forensic Techniques)
• NIST 800-92 (Log Management)
• DHS ICS Cybersecurity IR Recommended Practice
• NERC CIP-008-5 (Incident Reporting and Incident Planning)
• SANS IR Practices
• SANS Cyber Kill Chain
• SANS ICS515
ICS Incident Response Workflow Evolution
Communications with Stakeholders and External Parties
Customers & Case Studies
Classified & Unclassified Missions, Brand-level Confidentiality and Sensitivity, Restrictive NDAs
In other words – NO CUSTOMER LOGOS
Supermajor Oil & Gas, JV and Independent Operators
• Providing thought leadership in ICS Cyber Security Program development and implementation
• Supporting cyber security audit, risk management, plan of action and milestones (POA&Ms), and remediation plans
• Developing human capability management, process, and technology implementation roadmaps to increase cyber security maturity level
• Supporting infrastructure assessments, upgrades and enabling operational efficiencies for OT, IT, IoT, and IIoT
North American Pipeline Companies
• Providing thought leadership for cyber security and network communications strategies and programs
• Performing Cyber Audits and Risk Assessments for multiple plants
• Supporting plants and facilities across multiple states
• Providing managed security, automation and network services including:
₋ Cyber Security Operations Center monitoring and incident management
₋ Network, re-architecture, design and implementation
₋ RF engineering and analysis for radio system and IIoT upgrades
₋ Path and Terrain Analysis, Line Loss and Frequency Loss Studies
₋ Disaster Recovery Planning and Business Continuity
₋ Digital Forensics and Remediation
₋ Instrumentation & Electrical, Construction, and Pipeline Insulation
₋ Migration from Pneumatic to Industrial Control System Automation
₋ Process control and optimization for fractionation plants
◦ H2S, Sulfur Reclamation, Knockout of diesel and propane, Amine Systems, etc.
₋ 24x7 onsite and offsite support
Government and Professional Societies
• Develop and deliver complementary Red Team and Blue Team training scenarios and playbooks for ICS cyber security courses
• Training exercises span DoD Cybersecurity Workforce roles
• Architect and implement custom device configurations for ICS cyber security Training Panels in conjunction with Red Team and Blue Team training playbooks
• Training materials and training panels used at Cyber Shield, a premier training program for military cyber warriors whose mission is to protect critical infrastructure and networks
• Trained and experienced to teach the following courses:
₋ Cybersecurity for Automation, Control, and SCADA Systems (IC32E)
₋ Using the ANSI/ISA-62443 Standards to Secure Your Control System (IC32)
₋ IACS Cybersecurity Design & Implementation (IC34)
₋ IACS Cybersecurity Operations & Maintenance (IC37)
₋ ICS Cyber Security Oil & Gas, Chemical, Utility and Heavy Manufacturing Sector Training
₋ ICS Cyber Security Transportation Sector Training
₋ ICS Cyber Security Red Team & Blue Team Training (HouSecCon 2017)
Are you Ready to Engage?
• Cyber Security and Automation Thought Leadership
• Solution Development and Deployment
• Infrastructure and Process Gap Analysis
• Security Program Development
• Security Assessments
• Technology Roadmap
• Continuous Monitoring
• Process Design and Implementation
• Process Optimization
www.redtridentinc.com
832-707-2693