Monitoring & Analysis

An organization’s network monitoring & analysis is not a nice-to-have but a need-to-have.

As a nonprofit serving in the Nation’s interest, we focus on providing powerful yet affordable cybersecurity support services.

AUI’s Woodstar Labs provides network monitoring and analysis services to partner organizations. Our team of analysts and engineers has the experience, credentials, and education that allow us to find signs of cyber intrusions efficiently and effectively in a broad range of network environments. With our heritage as a non-profit with an educational mission, we provide our team with leading-edge training to stay apprised of the threat landscape in this rapidly evolving field of practice.

We have achieved our cost and performance targets by building state-of-the-art data analysis and visualization tools using open-source foundations. Our technology provides our team with data-driven insights into a network without incurring large or recurring software license fees for our clients. Woodstar Labs specializes in analyzing data provided by Zeek sensors and is skilled at fusing that data with other sources, threat intelligence feeds, and machine logs.

Our Monitoring and Analysis Services consist of:

  • Remotely and securely monitoring network traffic using an on-premises/cloud-based sensor/intrusion detection system
  • Fusing of multiple threat feeds
  • Twice-daily analysis to identify potentially anomalous activities
  • Alerting with complete technical reporting
  • Automated and manual vulnerability scanning and reporting
  • Constant monitoring and validation of a substantial number of CMMC controls
  • CISO-as-a-Service (CaaS)

Benefits of Monitoring and Analysis Services

  • Uncover and address cyber hygiene issues
  • Identify misconfigured devices
  • Help ensure compliance with your organizational cybersecurity policies
  • Develop evidence-based cybersecurity roadmaps
  • Identify truly anomalous behavior that might indicate something more serious

Key Network Monitoring and Analysis Services

Our key services include intrusion detection system, cyber hygiene, and cybersecurity control monitoring; installing Zeek sensor(s) and fusing available log data for holistic analysis of the environment; merging data with multiple threat feeds; real-time alerting combined with twice-daily analysis of observed activity; and supporting multiple CMMC level 1 & 3 practices.

Digital Intrusion Detection Systems

Securing systems at an affordable rate is of paramount importance to Woodstar Labs. We understand the importance of your work and how important it is to keep your private information private. We do this by focusing on your metadata without peering into your private information.

We use a suite of sophisticated tools to obtain, view, utilize and analyze metadata from our clients’ network infrastructure. These tools enable us to validate security controls, monitor cyber hygiene, and detect anomalous and malicious activity.

By leveraging largely open-source tools, we can combine signature and behavior detection techniques with threat intelligence and reporting and tracking tools to provide an affordable yet powerful monitoring system. We can use your existing metadata sources or integrate cutting-edge sensors to provide unique insight into encrypted traffic and map to the MITRE ATT&CK framework.

Cyber Hygiene Monitoring

Cyber hygiene is a practice that maintains the health and security of a system’s hardware and software. These practices are performed routinely to ensure the safety of identity and other details that could be stolen or corrupted. Just like physical hygiene, cyber hygiene is conducted to ward off common threats such as malware.

Our analysis team constantly monitors for issues like legacy hardware and unauthorized network traffic. Legacy hardware commonly means that the device relies on older hardware, such as jumpers or DIP switches, for its configuration.

Cybersecurity Control Monitoring

Recently, the White House issued a Memorandum on improving cybersecurity for critical infrastructure control systems. The Memorandum establishes an Industrial Control Systems Cybersecurity Initiative and directs the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST), in collaboration with other agencies, to develop and issue cybersecurity performance goals for critical infrastructure. This initiative reinforces the need for baseline cybersecurity goals, consistent across all critical infrastructure sectors, as well as a need for security controls for select critical infrastructure that is dependent on control systems.

Our analysis team will:

  • Prepare your organization to manage security and privacy risks
  • Categorize the system and information processed, stored, and transmitted based on an impact analysis
  • Select the set of NIST SP 800-53 controls to protect the system based on risk assessment(s)
  • Implement the controls and document how controls are deployed
  • Assess to determine if the controls are in place, operating as intended, and producing the desired results
  • Make sure that senior officials make a risk-based decision to authorize the system (to operate)
  • Continuously monitor control implementation and risks to the system

Let's Work Together!

Contact us today and find out what we can do to secure your organization.