Chitra is leading the industry at the forefront of cyber operations with a concentration on defensive cyber operations, vulnerability mitigation, and Risk Management Framework (RMF). Chitra has extensive past performance in identifying and implementing NIST 800-53 security controls, vulnerability remediation, and Department of Defense (DoD) Information Assurance (IA) Certification and Accreditation Process (DIACAP). Our staff includes experts in vulnerability management systems (eMASS, Xacta, VRAM, ACAS), cybersecurity policy, monitoring and compliance, DISA SRG/STIG implementation, and cybersecurity assessment and auditing.
We offer in-depth Cybersecurity and IA services utilizing the National Institute for Standards and Technology (NIST) RMF processes for managing the Cybersecurity posture of DoD information systems. Our certified staff has extensive experience working with many different network technologies and technology vendors, allowing us to provide comprehensive insight into your entire network operations. Implementing best of breed software solutions (automated vulnerability management, patching, backups, etc.) that are proven to reduce acquisition and life cycle IA sustainment costs by automating large portions of workflows from a central location.
Network Systems Security/ Computer Network Defense Support
Chitra has vast experience protecting large network and computer systems across multiple federal clients upholding various DoD, Department of Navy (DoN), Department of Transportation (DOT), and Air Force requirements as well as individual client’s policies and guidelines. We employ Network Defense methodologies and tools to solve technical and functional client-based issues, while also supporting the development and deployment of new systems by performing systems analysis and planning, software requirement analysis, system integration, and testing, and system documentation. Our team offers a full spectrum of IT service management support including distance learning systems, print-servers, network operating systems, subsystems servers, local area networks, and nuclear power and water systems.
Security Compliance / Risk and Validation Analysis and Mitigation
Chitra provides a broad portfolio of services to address information security, risk, and compliance needs of federal IT systems, networks, and infrastructures. Our security professionals utilize a defense-in-depth approach to help identify, quantify, and prioritize vulnerabilities and assess mission critical risks, as well as meet NIST SP 800-30, NIST SP 800-37, NIST SP 800-53, DoD, DoN, DIACAP, DODIs, AFI 33-210, AFCAP, CNSSI1253, MAJCOM, and other security compliance standards efficiently. Our expert security staff will effectively devise security and governance programs that fit our client’s cybersecurity needs while maintaining the highest security controls possible. Chitra has extensive experience working with the RMF Assessment and Authorization process and Designated Approving Authorities (DAA) / Authorizing Officials (AO) in order to secure and maintain the appropriate Authority to Operate (ATO) / Authority to Connect (ATC) designations. We continually evaluate and review current vulnerabilities and threats to confidential and sensitive information and assess risks associated with access to protected data.
Cybersecurity Tools and Techniques
Chitra utilizes industry best practices, tools, and techniques in the application of cybersecurity. We use both GOTS and COTS tools for cybersecurity assessments including Assured Compliance Assessment Solution (ACAS) / Nessus, Security Content Automation Protocol (SCAP) Compliance Checker, Security Technical Implementation Guides (STIG), STIG Viewer, Host Base Security System (HBSS), Enterprise Mission Assurance Support System (eMASS). Our ISSOs and ISSMs ensure proper reporting of test results and tracking of vulnerabilities found during systems assessments. Systems managed by Chitra are continuously monitored and a Plan of Actions and Milestones (POA&M) is utilized to track cybersecurity deficiencies throughout the lifecycle of the system.
- Risk Management Framework Support
- Risk and Vulnerability Assessments
- Software/Application Vulnerability Scanning
- Software/Application Certification and Accreditation
- Assessment & Authorization
- Authorization to Operate (ATO) and Authorization to Connect (ATC)
- Certificate of Networthiness
- Database Assessments and Analysis
- Supervisory Control and Data Acquisition (SCADA)
- Internet of Things (IoT)
- Performance Analysis and Process Improvements
- Database Integrity
Information Systems Security Engineering (ISSE)
Chitra supports our federal customers with engineering of security controls for information systems and assists in maintenance to ensure the continued accreditation of the system. This includes developing and updating system security plans and managing and controlling changes to the system and assessing the security impact of those changes. We employ analytical and evaluative methods as well as qualitative and quantitative techniques to identify technological strengths and establish data systems that leverage and capitalize on improved processes and functions that tailor to our client’s needs. Our defense-in-depth approach to Cybersecurity ensures that all hardware and software are approved, secured, and configured properly.
A dynamic part of the lifecycle of a software and systems product is its design process, understanding the requirements and critical functional elements of the design process allows for the most appropriate development model to minimize risk, meet cost, and deliver on schedule. Utilizing developmental design systems such as Service Oriented Architecture (SOA), Waterfall, Agile, Incremental, and Iterative. Chitra has the expertise to design, develop, integrate, and test custom federal system and software solutions and support start-to-finish development efforts from initial architecture and requirements capture through validation and deployment. With our experienced software and systems engineering team, we can help federal clients develop, integrate, manage, and maintain software and systems environments.
Information Assurance (IA) / Cybersecurity Support
Chitra supports our federal client’s objectives with a comprehensive approach to IA and cybersecurity initiatives. We provide our clients with a full portfolio of cybersecurity services to protect the integrity, availability, authenticity, and confidentiality of data across all systems. We design, configure, and deploy security architectures to meet our clients current and future needs as well as regulatory requirements. Providing an integrated approach to network and security management ensures the protection of our client’s most confidential data.
Enterprise Network and Systems Support Services
Chitra’s multi-disciplined engineering team provides system and network engineering solutions that have been implemented across multiple federal IT systems. Our expert team can offer recommendations in regard to new technologies, security protocols, and equipment in new and legacy enterprise network systems, as well as design and develop custom solutions to fit our federal client’s unique Networking needs. Chitra has analyzed, designed, and developed multiple federal systems that have modernized and enhanced performance of critical core missions.
Integrated Logistics Support
An essential element to a successful program is Integrated Logistics Support. By providing a comprehensive range of support services, we can engineer a system that is optimized throughout its life cycle. Our highly trained personnel assist in developing a phased logistics approach that defines broad logistics concepts and becomes more detailed as the program matures to produce the right level of readiness to support and sustain our client’s needs. Our elemental process of logistic support is planned, acquired, tested, and provided in a timely and cost-effective manner.
Research and Development
At Chitra, we perform extensive research and analysis of the customer’s requirements to formulate the best approach in providing technological solutions to mission-critical problems. We continually delve into research and development of new strategies to increase product support and discover new methodologies and practices to provide cost-effective solutions to real-world problems.