Defend against cybersecurity threats and mitigate breaches with comprehensive, customized protection and remediation. Are your solutions customized to your mission?
Defend against cybersecurity threats and mitigate breaches with comprehensive, customized protection and remediation. Are your solutions customized to your mission?
Full Spectrum Cybersecurity Solutions Tailored to Your Needs
Sabre Systems provides comprehensive cybersecurity leveraging our expertise with the Department of Defense “Defense-in-Depth” strategies. We not only address your vulnerabilities at the boundaries of your information technology, information system or platform information technology, but also ensure you are resilient and can survive a breach. We always strive to protect your most valuable information with state-of-the-art technology and software.
The end-to-end solutions we provide include: development of cyber policies for your organization (including training), conducting cyber risk assessments based on known and emerging threats, validating the risks to your organization in multiple dimensions (including Penetration testing), identifying and implementing mitigations and ensuring your cyber solutions are sustainable.
Capabilities
- NIST/RMF Compliance
- Offensive and Defensive cyber solutions for DoD, Federal and Commercial Customers
- Full Spectrum Operations (Directed Energy; Electronic Warfare, HPL, HPM. Etc.)
- Cyber Risk Assessments
- Mission/Business Thread Analyses
- Mission assurance
- Survivability and resilience to cyber attacks
- Automated Cyber Assessment using our next generation Automated Vulnerability and Compliance Suite (AVACS)
- Automated tools to support your requirements to meet the DFAR clause and CMMC compliance
- Vulnerability scans and penetration testing
- Secure Software Coding
- System Security Plan (SSP) Development
- Cyber training
- Webinar support
- Security Architecture Review
- Cybersecurity Configuration Management Plan Development
- System Security Engineering
- Program Protection
- Cyber Test and Evaluation
- Cyber Architecture Development/Modeling
- Cyber Program Management
- Network Security Engineering/Administration
- Continuous compliance monitoring
- Incident Response/Disaster Recovery Planning
Cyber Staff Augmentation
CISO
ISSO
Navy Qualified Validators
Technology and Products
Automated Vulnerability and Compliance Suite
Sabre developed the Automated Vulnerability and Compliance Suite (AVACS), an automated tool that provides cyber risk assessments (CRAs) in only hours or days, thereby reducing the time to assess and mitigate issues with Risk Management Framework, CYBERSAFE, etc. This is the only cyber analysis process/tool that includes confidence factors (CF) that also addresses all aspects of a system including its supply chain and maintenance/support elements. AVACS can perform white hat analyses, red team/blue team exercises, and more comprehensive CRAs in less time and with greater fidelity than currently available assessment tools.
CMMC Assessment Tool
Sabre developed a comprehensive, interactive software tool to support Gap Analyses, development of System Security Plans and preparation for CMMC audit. This tool is currently used to support Defense Industrial Base customers under our Sabre On Point group.
CYBER Certifications
SABRE CYBER SOLUTIONS
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Certified Hacking Forensics Investigator (CHFI)
Global Certified Intrusion Analyst (GCIA)
Global Certified Incident Handler (GCIH)
Information Assurance Vulnerability Management (IAVM)
Certified Information Systems Auditor (CISA)
Certified Computer Examiner (CCE)
International Society of Forensic Computer Examiners
GIAC Certified Firewall Analyst (GCFW)
HACS SIN GSA IT-70 schedule
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Certified Hacking Forensics Investigator (CHFI)
Global Certified Intrusion Analyst (GCIA)
Global Certified Incident Handler (GCIH)
Certified Information Systems Auditor (CISA)
Certified Computer Examiner (CCE)
International Society of Forensic Computer Examiners
GIAC Certified Firewall Analyst (GCFW)
Experience
SABRE CYBER SOLUTIONS AT WORK
Program Protection System Security Engineering
Sabre developed the Program Protection System Security Engineering policy for the U.S. Air Force (USAF) Cyber Resiliency Office for Weapon Systems office to build in cyber resiliency and survivability across the USAF enterprise for new and legacy systems managed by space and missile defense, nuclear, and aviation programs. The policy was promulgated across the USAF enterprise in March 2020 and is currently used by their Space and Missile Defense, Nuclear, and Aviation programs. This policy was also endorsed by the Naval Air Systems Command.
Cybersecurity R&D Programs
Sabre supported the U.S. Army C5ISR Center in the development of Software-Based Encryption (SBE) and Insider Threat Detection and Prevention programs (ITD&P). The SBE program focuses on the employment of Cryptographic primitives to protect data in transit, data at rest, and computational data in Tactical Networks. The ITD&P program focuses on the identification of malfeasant insider threat behavior on Tactical Systems and Applications and attempts to prevent any damaging consequences.
Cybersecurity Risk Management Framework
Sabre provides Naval Air Systems Command/Naval Air Warfare Center Aircraft Division Cybersecurity Strategy Development and Approval Policy and Oversight, the Risk Management Framework (RMF) process and obtainment of an Authority to Operate (ATO), Navy Qualified Validators (Levels I, II and III) and ISSOs, Computer Network Defense (CND), Assessment and Authorization, cyber risk assessments, red/blue team exercises, and program protection and anti-tamper.
Cyber Risk Assessment
Sabre developed a solution for assessing mission success in a cyber-contested environment, known as the Mission Thread Analysis Process (MTAP). We use MTAP to conduct comprehensive Cyber Risk Assessments of any Information System/Information Technology/Platform Information Technology (IS/IT/PIT), identify all critical cyber-attack paths, and determine the magnitude of the threat surface subject to potential cyber-attacks.
Making News In CYBER
SABRE CYBER SOLUTIONS
Sabre Recognized for Cyber Readiness
A Sabre Systems, Inc. team received the highest score given to any unit within the NAVY for the Cyber Command Readiness exercise. Sabre employees were involved in the NAWCAD Command Cyber Readiness Inspection and NAWCTSD Cybersecurity Inspections teams in cooperation with the RDT&E labs in 4.0 and 5.0. Inspection (CCRI) and 97.6% at NAWCTSD Orlando for the Cyber Security Inspection (CSI) conducted by FLTCYBERCOM. Cybersecurity readiness rests on the foundation of traditional security readiness. That means maintaining an appropriate level of security in the key traditional security areas: Physical Security, Operational Security, Administrative Security, Procedural Controls, & Legal, Regulations, and Investigations Compliance. These teams received the 2012 NAWCAD Commander’s Award primarily for their hard work and dedication.
Sabre Employees Receive Patent for Multi-function Smart Communication Card
Sabre Hardware Development Engineer (Ghanshyam Dave) and Software Development Engineer (Todd Lutton) were part of a six man team that received a patent for the development of a Multi-Function Smart Communications Card. The patent covered various embodiments related to a smart card. The smart card enables multiple communication protocols that can be used to support several modes of user and system authentication. Improvements include power storage, data transport and authentication modes. The metadata spreadsheet is the single repository of important characteristics of the highest priority administrative records at the Census Bureau. This repository can be used on a project- by-project and dataset-by-dataset basis.
CMMC Vlog Series
with Robert Hanley
Robert Hanley, Vice President and Cyber Solutions Architect for Sabre Systems and Sabre On Point, shares insights and guidance on awareness and training requirements for Cybersecurity Maturity Model Certification (CMMC) compliance.
Awareness and Training
Level 1 is awareness and training, and if you are going to seek a DoD contract you’re going to be required to be a minimum level one CMMC, or for a prime contractor you’ll need to be at a level three.
Configuration Management
What do you need to know about CM? Understand your baseline configuration, understand things like security patches and how they’re applied, software updates when they’re pushed.
Identification & Authentication
The key focus of IA is to grant access to authenticated entities, pretty simple and straightforward, but we’ll see how this progresses as we go through each of the levels.
Incident Response
Incident response is geared towards protecting your organization’s information, as well as its reputation by developing and implementing an incident response infrastructure.
Maintenance
Maintenance is focused primarily on the maintenance of all aspects of your systems and network CUI security. MA has four level two practices and controls that you need to know about.
Media Protection
MP is focused on identifying and marking your media; protecting and controlling the media; sanitizing the media; and finally, protecting your media during transport or moving it obviously from one place to another.
Personnel Security
PS is focused on understanding your people, ensuring you know how to identify concerns handling CUI, as well as ensuring your staff and team are trained to identify potential insider threats.
Physical Protection
PE is focused on physical protection activities that ensure physical access to CUI, asset container locations are strictly controlled, managed and monitored in accordance with CUI protection requirements.
Recovery
Recovery is focused on the ability to recover from any event that compromises the integrity and availability of data. Backup is required and includes all content, not just CUI. Further, testing backups is now a requirement and should be validated during a CMMC assessment.
Risk Management
Risk Management, as the name suggests, is targeted at managing security risks. This means conducting periodic risk assessments and fixing any vulnerabilities you uncover.
Security Assessment
CA, security assessments, are focused on three main areas – to develop and manage a system security plan, to define and manage controls and to perform code reviews.
Situational Awareness
SA focuses on networks. These present serious challenges to your IT and security teams. This includes access policies, corporate and regulatory compliance mandates, and change management all of which require real-time visibility.
Sabre Systems, Inc.
Excellence. Delivered.
© 2022 Sabre Systems, Inc.
All rights reserved.
SABRE
Sabre Systems, Inc.
Excellence. Delivered.
© 2022 Sabre Systems, Inc. All rights reserved.