Fortress Sweat Equity

Fortress Information Security provides holistic overview of cyber security risk by connecting vendors, IT & OT components, and vulnerabilities together.

For the 2022 Cybersecurity Automation Workshop, hosted in Washington, D.C., Fortress will be providing software tools, demo resources, and in-person participation.

Our tools and services are a Posture Attribute Collection & Evaluation (PACE) system which will be used to demonstrate PACE use cases. A PACE architecture includes 3 components: a Posture Collection Service (PCS) for collecting posture attributes, a Posture Attribute Repository (PAR) for storage and retrieval of attributes, and a Posture Evaluation Service (PES) for using attributes for analysis.

• File Integrity Assurance (FIA) can be used for producing, ingesting, and analyzing SBOMs. FIA is a continuous monitoring solution for detected new vulnerabilities in existing components as they are discoverd.

PACE Use Cases

FIA and Fortress Platform will be used to showcase PACE use cases, including:

1. Collect SBOM with Command using FIA as a Posture Collection Service (PCS).

2. Retrieve SBOMs using FIA as a Posture Attribute Repository (PAR), for example:

   • Retrieving an SBOM from the PAR in the same format and serialization originally provided to PACE system
   • Retrieving SBOM from the PAR in a different format than originally provided to PACE system
   • Retrieving SBOM from the PAR in a different serialization than than originally provided to PACE system

3. Requesting a subset of SBOM data using FIA as a Posture Attribute Repository (PAR)

   • For example, requesting data associated with a particular component(s)

4. Evaluation of SBOM data using FIA as the Posture Evaluation Service (PES), for example:

   • Evaluating which products are affected by a particular CVE, such as CVE-2021-20190, a flaw in jackson-databind before version 2.9.10.7.
   • Evaluating which products contain known vulnerable component, such as, log4j v2.15.0.
   • Evaluating the potential vulnerabilities affecting the components found in an SBOM
   • Evaluating component’s dependencies and transitive dependencies for out of date versions
   • Evaluating the component’s maintainer or contributors for the potential for adversarial influence
   • Evaluating the components for malware, integrity, authenticity issues
   • Evaluating components for License risk, such as if a component can bue used in a commercial product, or if modifications/bugfixes must be released.

Fortress PACE

As OpenC2 interfaces are still under development, the term “hand-waving lycan” will be used in places to represent the conversion of PACE interfaces to Fortress APIs.

Return to Sweat Equity

return to Sweat Equity

Return to Agenda

return to Agenda

Return to Home

return to Home