Obsidian is leading the way in next generation CSSP (Cybersecurity Service Provider) solutions and IA architecture, development of next generation network operations security centers (NOSC) and aiding our customer’s in operational and service provider alignment.
Risk & Vulnerability Assessment (RVA)
Obsidian leads cybersecurity programs in advising Information Systems Security Managers to perform Information Systems Security Officer roles, implementing NIST security doctrine. Obsidian uses the Risk Management Framework process for DoD Information Technology and National Security systems.
Incident Response (CDM, SOC)
Obsidian uses the NIST Cybersecurity Framework and MITRE Corrective Action Requests (CARs) as a key part of our process for hunting, identifying, assessing, and managing cybersecurity risk and incident response.
Obsidian has a proven penetration testing approach which focuses on locating and targeting exploitable defects in the design and implementation of applications, systems, or networks. . We use automated toolsets to reduce risk, and our expertise in manual testing allows us to complement automated results with targeted and precise tests that enhance the results.
Obsidian provides offensive security operations support for responding to a crises or urgent situations to mitigate immediate and potential threats. Cyber Hunts start with the premise that threat actors known to target some organizations in a specific industry or with specific systems are likely to also target other organizations in the same industry or with the same systems.
High Value Assets (HVA), Security Architecture, and Systems Security Engineering
Obsidian tackles security issues by addressing protection requirements throughout the life cycle of the systems. We use the Systems Security Engineering Framework: the problem context, the solution context, and the trustworthiness context.