Jun 2, 2020 SOURCE: BusinessWire

By Light and FireEye to Train Cyber Mission Forces

By Light Professional IT Services LLC and the intelligence-led security company, FireEye, Inc. (NASDAQ: FEYE) today announced the integration of Mandiant® Threat Intelligence within By Light’s Cyberoperations Enhanced Network and Training Simulators (CENTS®). The merged capabilities provide a unique platform to train defensive cyberspace operators against the most relevant malware tools threatening Department of Defense (DoD) networks today.

As today’s cyberspace landscape features an increasing number of well-funded, highly organized, and complex adversaries, the use of real-world threat intelligence in training and exercises has become crucial to defending effectively against cyberspace attacks. Industry-leading Mandiant Threat Intelligence from FireEye provides Cyber Protection Teams (CPTs) an opportunity to experience how these adversaries operate. Furthermore, DoD opposing forces (OPFOR) can customize their attacks to provide the most complete and responsive training scenario available to the defenders. By delivering captured and repurposed malware in the CENTS® range environment – either on command or automated – the OPFOR can emulate malicious actors’ tactics, techniques, and procedures (TTPs).

“Through this integration with By Light, we are giving highly skilled outfits such as the U.S. Cyber Mission Forces (CMF) access to the tailored, proprietary data and intelligence they need to rapidly develop and deploy advanced capabilities,” said Ron Bushar, CTO of Government Solutions at FireEye. “Within the custom command and control Mandiant Cyber Operations Platform (MCOP), teams can repurpose the very APT payloads to train the CMF in defensive cyberspace operations (DCO), alongside a Mandiant specialist, and supported by our FireEye Labs Advanced Reverse Engineering (FLARE) team. The realism and training impact behind these attack scenarios is truly unmatched.”

“By Light’s expanded relationship with FireEye underlines our commitment to increasing the realism and training opportunities of the range environment,” said Tim Grattan, Senior Vice President, Cyberspace Operations, By Light Professional IT Services LLC. “Integrating best-in-breed Mandiant Threat Intelligence into CENTS® allows us to better prepare CPTs, local cyberspace defenders, and students to detect and respond to these attacks.”

Within CENTS®, an attack is based on a real-world threat actor or group (e.g., APT3, APT10, Emotet) and uses captured malware to emulate the specific threat. To support collective training events and exercises, these attacks are enriched with Mandiant Threat Intelligence and occur as part of multiphase plans that form the basis for adversary campaigns against U.S. networks and infrastructure. By Light and FireEye further contextualize the threat activity by coupling the attacks with enemy objectives and success criteria. All malware is contained within the safety of a cyberspace range customized by the user to reflect the operational environment.

By Light customers can use APT cyberspace attacks on the CENTS® platform for a variety of training purposes:

Observe Attacks: CENTS® users can launch an attack to test sensor detection capabilities, rehearse incident response actions, and identify indications and warnings associated with an attack.

Evolution of Threat: CENTS® allows users to modify the training environment and vary existing attacks to study the APT’s tradecraft and likely courses of action.

Mission Rehearsal: Range builders using CENTS® can overlay various APT attack plans to teach, train, and assess cyberspace professionals using the threat actor’s TTPs and to prepare them for upcoming missions.

Operational Technology (OT) and Industrial Control Systems (ICS): CENTS® begins at Layer 2 and enables IP addressable mission systems and ICS to be added on the fly. Extend the range with unit kits or OT networks to test mission systems and defend ICS.

About the By Light CENTS® Platform

By Light’s CENTS® platform delivers an integrated Live-Virtual-Constructive (LVC) range environment for demonstration, training, exercise, tool development, and testing full-spectrum cyberspace capabilities. In addition to the FireEye cyberspace attacks, CENTS® features dynamic traffic flows, customizable protocols, social media services, multi-layer websites, and real-world geo-IP addressing. The range executes in automated or manual mode, and it can be reconstituted within minutes. To learn more about By Light’s CENTS® platform, visit: https://cybercents.com/

About the Mandiant Cyber Operations Platform

The MCOP is an industry-leading platform for enhanced network defense, security testing, cyber exercises, and Red Team tool kit. Cyber security professionals require a rapid deployment framework to conduct attacks with TTPs more closely aligned with that of specific APTs or unknown cyber clusters. With the MCOP, cyber professionals are able to use proprietary intelligence, data, and software to better replicate adversary attacks and improve their ability to stay proactive on enemy cyber network exploitation (CNE) TTPs.

About By Light Professional IT Services LLC

By Light Professional IT Services LLC, headquartered in McLean, VA, is an ISO 9001, 20000-1, and 27001 certified and CMMI-DEV L3 rated systems integrator that provides secure turn-key systems by incorporating exceptional engineering, project management, telecommunications, and cyber capabilities to safeguard mission success. Founded by industry professionals with extensive knowledge in Department of Defense and Federal agencies, By Light successfully implements technical solutions that integrate best commercial practices for government, commercial, and international customers. For more please visit www.bylight.com.

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber-attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc., in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20200602005019/en/

Related News

OnGuard Systems and FireEye to Provide Joint Customers with Insider Threat Protection and Defense

Google Cloud’s CISO Phil Venables and Mandiant CEO Kevin Mandia to Headline Cloud Security Alliance AI Summit at 2024 RSA Conference

Mandiant Appoints Dee Dee Acquista as VP of Channel Sales

Cyber Security: Technologies and Global Markets

Cloud Security Alliance’s Top Threats to Cloud Computing: Pandemic 11 Report Finds Traditional Cloud Security Issues Becoming Less Concerning

Crystal Group Rolls Out New Force-Enhancing Solutions at TechNet Cyber

Red River Secures Army ITES-3S Contract

CrowdStrike and Mandiant Form Mission-Focused Strategic Partnership to Protect Organizations Against Cyber Threats

View all News

Related Procurements

Deadline: Dec 31, 2069

59--CIRCUIT CARD ASSEMB

Totcal cancellation no FY20 funding

Deadline: Oct 1, 2024

Microelectronics Innovation for Next-generation System Advancement and Validation (MINSAV) Advanced Research Announcement (ARA) with Calls

This is to post questions and answers and OSD Briefing from Industry Day.

Deadline: Oct 31, 2024

Air Superiority Technology Broad Agency Annoucement

This Broad Agency Announcement (BAA) is for the Air Force Research Laboratory Munitions directorate (AFRL/RW) in support of Air Superiority Technolgoy. Operations Security (OPSEC): General OPSEC procedures,...

View all Procurementsp