Our Capabilities

Capabilities and Benefits 

OS Intelligent is a veteran-owned small business with strategic partners that are service-disabled veteran-owned small businesses. We offer organizations advanced AI to find hidden external cyber threat intelligence. We provide corrective action plans for DNS registrar protection, protective DNS, and continuous monitoring to protect against advanced persistent threats of phishing, ransomware, malware, and bot attacks. We support IAW the NSA requirement, 14 JAN 2021 related to Protective DNS and DNS Security, and CISA NSA Joint Guidance dated May 2021. Justifications under EO 14028, OMB 23-10, NIST 800-37 R2


CORE COMPETENCIES    
●    External cyber threat intelligence with advanced AI to catch what has been missed by most popular security tools and risk rating systems.
●    Domain Registrar protection and Monitoring.
●    Protective DNS and Monitoring for APT, Phishing, Ransomware, Malware, and BOT attacks.
●    Both external and internal continuous DNS monitoring.
●    Automated OFAC & ITAR Automated Compliance reporting.


DIFFERENTIATORS    
●    Our new cyber defense modernization accelerator creates and executes action plans against a mission essential task list (METL) approach to the cyber problem.
●    Cyber defense accelerator created to support Executive Orders 14028, OMB21-31, 23-10, NIST SP 800-37 Rev. 2, CISA, and DHS Mandates.

Download our capabilities statement.

ISO Standards:

1. ISO/IEC 27001: Information Security Management
   • A.12.6.1: Management of technical vulnerabilities
   • A.13.1.1: Network controls
2. ISO/IEC 27002: Code of Practice for Information Security Controls
   • 12.6: Technical vulnerability management
   • 13.1: Network security management

NIST Frameworks:

1. NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
   • CA-7: Continuous Monitoring
   • SC-7: Boundary Protection
   • SI-4: Information System Monitoring
2. NIST Cybersecurity Framework (CSF)
   • PR.DS-1: Protect Data at Rest
   • DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software
   • RS.MI-3: Mitigate

DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides)

1. Network Security STIG
   • V-31409: Network devices must employ automated mechanisms to assist in the tracking of security incidents.
   • V-31773: Network devices must be configured to send log data to a central log server.
2. Firewall STIG
   • V-17149: Firewalls must be configured to send alerts to the administrator in the event of a critical security event.
   • V-17435: Firewalls must have only authenticated access for administrative users.

Other Frameworks:

1. PCI DSS (Payment Card Industry Data Security Standard)
   • Requirement 11.4: Use IDS/IPS to detect and alert personnel to suspected compromises.
   • Requirement 6.6: Address common coding vulnerabilities in software-development processes.
2. HIPAA (Health Insurance Portability and Accountability Act)
   • 164.308(a)(6)(ii): Implement procedures for detecting, preventing, and responding to security incidents.
   • 164.312(b): Implement mechanisms to encrypt and decrypt ePHI.
3. GDPR (General Data Protection Regulation)
   • Article 32: Security of processing

CIS Controls (Center for Internet Security)

1. CIS Control 12: Boundary Defense
   • Sub-Control 12.4: Deny communications with known malicious IP addresses.
   • Sub-Control 12.5: Implement application layer filtering.

Business Justifications:
Executive Order 14028 Directive Since 2021

Publicly Traded Companies - Mandates Form 8-K - SEC  - Cyber Threat Reporting Requirement. Penalties min. 5K per issue not reported within 96 hours at average. 50K/Day up to 4% of Revenue. 

NIST/CMMC – Continuous Monitoring https://csrc.nist.gov/pubs/sp/800/137/final

CISA Protective DNS Initiative - https://www.cisa.gov/resources-tools/services/protective-domain-name-system-resolver   Executive Order support 

Cloudflare Registrar HLS Mandate Protected DNS Registrar -  https://www.cloudflare.com/press-releases/2023/cloudflare-wins-cisa-contract-for-dns-services/  

eGov – OMB-23-10 https://www.whitehouse.gov/wp-content/uploads/2023/02/M-23-10-DOTGOV-Act-Guidance.pdf