FedCyber Summit Quick Hits with Mu Dynamics

September 28, 2011
FedCyber Wire
To get ready for the FedCyber Summit on Wednesday, we spoke to some of our sponsors about the current state of the Federal Cyber ecosystem, and what they are doing to advance it.

I spoke with Greg McDermott, Director of Federal Operations from Mu Dynamics, and asked him the following questions.

Q: What is the biggest challenge in cyber security today?

The biggest challenges in cyber security today are keeping up with emerging threats and getting your cyber security to be proactive instead of reactive. To go into further detail on this specifically: most cyber security groups use reactive methods and fail to actively look for new threats. The emerging challenges arising are the same ones that have been plaguing the cyber security front.

  1. Getting management to understand the risk, vulnerabilities, and constant threat to the network.
  2. Budgeting appropriately for staffing and equipment.
  3. Getting management to clearly understand the benefits of the different areas of security such as research, and actively hunting for security weaknesses.

Q: What does your company provide to fill gaps in the current ecosystem?

Enter the Mu Dynamics system and its capabilities.

To be proactive, you have to actively be hunting and probing for weaknesses in your systems. The most effective way is to hunt for the holes and exploits in your infrastructure and applications. Of course, evaluating your network and determining the highest-risk targets is the first priority, but public-facing assets are critical to test. Mu Dynamics brings to the table one of the most resilient fuzzing packages on the market. The challenges with fuzzing are:

  • Setting up the environment for fuzzing.
  • Setting up the fuzzer for testing purposes and ensuring all the correct parameters will get fuzzed.
  • Monitoring for faults and ensuring your fuzzing is not interrupted to maximize the time required for fuzzing.

The Mu solution provides your team with the ability to quickly set up a fuzzing solution with the use of pcap traffic for that system. It has intelligence built into the solution to enable the automatic restarting of services or even the system itself in the event of a crash in the system or service. It has built-in collectors and triggers to enable flexibility for isolating and collecting the information needed to determine the possible vulnerable vector.

Q: What products does your company offer to drive innovation?

Although the Mu fuzzing platform is one of our biggest innovations, the Mu Studio suite is used to provide even more innovation. Those in the cyber security arena are constantly worried about the new threats as they come out. Some they have seen on their network, others they have not. The Mu Studio solution allows a user to quickly and easily modify standard traffic and customize it however they desire. The customization is simple but powerful, so that new attacks can be crafted. Once crafted, the Mu Studio allows you to create stateful traffic that can be sent on your network, and your security can be tested against these.

To make the changes needed to move forward?

To make the changes needed to move forward, it is critical to find the weaknesses and holes in the network. Unfortunately, since most cyber security groups are understaffed and underfunded for finding vulnerabilities, a gap has formed for performing these functions. Mu Dynamics has built a solution that will not only allow you to fuzz your devices, applications, and systems for new vulnerabilities but also allow you to test the other areas. Test your IDS / IPS solutions quickly and efficiently as well as test the effectiveness of the rules on those systems. The ability to perform exfiltration through a variety of ways. The best description of the Mu Dynamics system is a system that you can craft your imagination on. If you can imagine some type of traffic, you can easily create this traffic and again put it on your network in a stateful manner.

Q: How can your firm help government satisfy requirements, especially for visibility, movement to cloud and citizen outreach?

As requirements come out, most of the time these are unfunded requirements. The biggest challenge is finding the time and resources to test the systems for these requirements. The Mu Dynamics solution provides a quick and easy solution to generate scenarios that can be used to test that the requirements are in place as well as that the system or application is still functioning as intended. The ability to generate scenarios that can be used to test the monitoring capabilities as well as take traffic that is expected to trigger vulnerabilities and quickly mutate it in slight manners to see what is still caught by these systems.

Finally, the biggest challenge when moving to a cloud solution is not knowing how it will perform in real-world scenarios. The Mu solution allows you to generate traffic at high volume loads as well. After building a cloud application, the testing of real traffic and documenting the results of the application is a difficult task. Using the Mu Dynamics solution, you can create real traffic of 1000 users accessing the site a second or 100,000 users accessing the site a second. After sending this stateful traffic, a report is generated that will demonstrate the time taken for each request that was made by the system, the time it took each step, as well as the metrics based on time and speed. This enables a new cloud solution to be tested and demonstrated by what would be the exact equivalent of the same amount of people attempting the exact same thing. This is a powerful ability and can easily demonstrate the flaws in application code and bandwidth limitations of your cloud solutions mixed with your network gateway bandwidth limitations.

Q: In what directions should the market innovate?

The market has several directions that are important to innovate, but all are based on the goal of each innovation. For example, the goal for datacenter consolidation to reduce the rental cost, cooling cost, and power cost throughout the government requires not only moving more to the cloud, but also getting more equipment into a smaller space virtual computing.

So specifically for the cyber security space and market innovation, I personally feel we have to evaluate based on criticality, as in this day and age everything is networked together, down to the most critical of networks and crucial environments. Thus I believe the networking technology is first up for testing and security. Next, I believe the devices connected on the network used for energy management are the next most critical items for testing. Testing these for issues is again a critical area, as they can cripple a nation if they are compromised and/or shut down.

