Continuous Diagnostics and Mitigation (CDM)

Deployment Services

Our experience in deployment services cuts across the largest, most complex environments in CDM and beyond. We are the premier provider for enterprise cyber system development based on a skillset, workforce, and method developed over time. We help agency operators build momentum, avoid common mistakes, and adopt best practices to speed implementation. What’s more, we guide teams as they sort through complex questions about cybersecurity tools and emerging threats. For example, our expertise in endpoint detection and response (EDR) implementation provides the government with the deep visibility it needs into behaviors and activity on endpoints. Watch the video and read our case study to learn more.

Video transcript

In the face of increasingly advanced threats, the Federal Civilian Executive Branch Agencies need enhanced visibility to prevent widespread harm to their networks and protect the services the nation depends on. Endpoint detection and response technology, EDR, provides the needed deep visibility into behaviors and activity on endpoints. Booz Allen works closely with the government and subject matter experts from our EDR technology partners to determine how we can quickly implement EDR solutions. Our collective team can procure, deploy and configure agents for thousands of endpoints in a matter of weeks instead of months. For example, one agency was able to cover 85% of their network within 30 days. Working with three EDR partners, we have provided advanced monitoring, detection and remediation capabilities for almost 480,000 endpoints across five agencies. This gives unprecedented visibility into threats and vulnerabilities targeting the agency networks, transforming how stakeholders identify, assess and remediate malicious activity jeopardizing their essential missions.

Data Services

Booz Allen has unique experience working with CISA to integrate CDM data across more than 70% of the federal enterprise. As a result, we understand the challenges and opportunities involved in moving this sensitive, heterogeneous data through and out of agency environments. We help agencies derive real and immediate value from their cyber toolsets while also meeting reporting requirements. Supplying such value is essential to incentivize broader adoption of CDM across the government.

Video transcript

To protect our nation's most critical assets, the Cybersecurity and Infrastructure Security Agency's Continuous Diagnostics and Mitigation program requires a simple, streamlined data integration approach. This simplification is essential as the marketplace overflows with an abundance of cyber tools, all with different integration methods and data structures. As a CDM integrator, Booz Allen developed an approach to demystify data integration throughout a multi-tiered architecture. Our strategy enabled data owners and agency operators to integrate data accurately on their own, regardless of tool, vendor or source. Additionally, this helps stakeholders better understand how new data or changes to data impact dashboards and reports downstream. As a result, Federal Civilian Executive Branch Agencies were better able to reuse data from preexisting cyber projects, tool transitions and homegrown datasets. This increased CDM operationalization coverage and adoption. Agencies now save time and money, all while better aligning to their cyber roadmaps and CDM requirements. By streamlining, documenting and simplifying end-to-end data mapping, Booz Allen has created a model ready to be applied to other FCEB use cases, accelerating protection to assets across all environments.

CISA CDM Success Stories

At Booz Allen, we develop superior solutions to FCEB cybersecurity challenges. Our experience lets us deploy faster and at a larger scale, integrate more effectively, and achieve better federal cybersecurity outcomes. We innovate to help clients give threat hunters more visibility, counter emerging risks, and strengthen cyber defenses despite hurdles like the design of the federal enterprise, decentralized networks, and outdated systems. Given the federated nature of the FCEB, large agencies lack homogeneous environments. Instead, each component has a different environment and mission-specific needs. This makes agency-wide deployments complex. We are experts at addressing these obstacles. Read more about our Identity and Access Management work at USDA on CISA's website.

Video transcript

As the steward of the nation's vast natural resources, the USDA has a workforce of 100,000 men and women in 4,500 locations protecting our country's food, agriculture, and biodiverse landscape. Each year during the summer wildfire season, that workforce number grows by 6,000 seasonal firefighters. These firefighters are onboarded to the USDA network at the beginning of the season and then offboarded at the end when they return to their home stations. This is an important security practice. By restricting network access to only those who require it, the agency reduces potential attack vectors during the months when seasonal firefighters are not actively supporting USDA. However, there was a challenge: that offboarding process took up to two weeks for each of those 6,000 firefighters. Working with USDA, our team implemented an automated identity lifecycle management solution. As a result, it now takes less than one hour, not weeks, for USDA staff to offboard their workforce, whether seasonal or full time. Our solution replaced an outdated and inefficient system that included manual processes prone to errors. That system also included aging software that was vulnerable to cyber attacks. Now USDA has a more secure system and a centralized approach to managing its entire workforce. So now firefighters can focus on fighting fires and support staff are freed from the burden of manual processes.

Endpoint Detection and Response

Learn how Booz Allen helped CISA roll out endpoint detection and response to five large federal agencies.

Critical Capabilities

Our rare insight into advanced threats and our leading security practices provide an invaluable edge to federal agencies facing constant cyber conflict. What’s more, we’re the top provider of zero trust solutions to the federal government. And we use a combination of partnerships; reverse engineering; a defense hunt stack; predictive analytics; vulnerability assessments; proactive threat hunting; AI; machine learning; and tactics, techniques, and procedures in preparation for adversaries. We bring deep expertise in key areas of cybersecurity:

Zero Trust Architecture (ZTA)

Protect mission and business priorities with zero trust

Threat Hunting

Uncover hidden threats in your digital environment

Data Services Management

Asset Management

Locate and categorize unauthorized devices and inventory-installed software; verify and validate security settings; detect security vulnerabilities

Identity and access management (IdAM)

Secure access to needed information, enforce multifactor authentication, update credentials, and monitor network and system behavior

Endpoint Detection and Response (EDR)

Gain visibility into what is happening on the network and respond to threats

Zero Trust for Civilian Agencies

In this e-book from Federal News Network, Booz Allen experts discuss zero trust for federal civilian agencies and the lessons they can learn from DOD’s Thunderdome implementation.

Learn More About Our Cyber Capabilities

Contact us to learn more about our Cyber Capability Deployment Center, data services management, and our success helping civil agencies achieve federal cybersecurity objectives.