
Saturday, July 11, 2015

Systems Integrity Management Tool by NSA Published on GitHub

The National Security Agency (NSA) has unveiled the second in a planned series of open source software releases on GitHub as part of the agency’s Technology Transfer Program (TTP).
“NSA has increasingly shared its research with the open-source software community, a move that can accelerate the development of innovative capabilities and solutions in both the public and private sectors,” the agency said.
The Systems Integrity Management Platform (SIMP) is a tool designed to allow organizations to maintain a specific security posture by keeping networked systems compliant with any given security standard, and is considered a critical part of a layered defense-in-depth approach to cybersecurity.
The NSA says that multiple government and industry organizations have developed technologies similar to the SIMP tool to address U.S. Defense Department and Intelligence Community compliance requirements.
By releasing SIMP as an open source offering, the agency hopes it will help reduce duplication of efforts and promote more collaboration within the security community.
“The open-source software method of transferring technology from the federal laboratory to the marketplace is extremely efficient,” said Linda Burger, Director of the NSA Technology Transfer Program.
“The open-source community can leverage the work that NSA has produced, and the government can benefit from that community’s expertise and perspective. It’s a win for everyone – and for the nation itself.”
The NSA’s TTP initiative makes it easier for the agency’s innovators to share their technologies with industry, academia, and other federal agencies.
Last November, the NSA released its first open source tool on GitHub, a high-volume data flow tool called Niagarafiles (Nifi), which is designed to automate and optimize data flows between multiple computer networks even if they are using different formats and protocols.
“Enterprises could use it to quickly control, manage, and analyze the flow of information from geographically dispersed sites – creating comprehensive situational awareness,” the agency said.
The NSA frequently employs open source technology in its intelligence operations, and has previously made similar contributions to the open source community.
“The code for the agency’s ‘Accumulo’ project was previously released through the Apache Software Foundation,” the agency said.
“Global reviews and critiques that stem from open source releases can broaden a technology’s applications for the U.S. private sector and for the good of the nation at large.”
Last November the U.S. Army also released an open source version of the Dshell forensic analysis code, a framework used to understand security events and network compromises on Department of Defense networks.
Dshell can assist users in developing custom analysis modules based on security events they have encountered, and by open-sourcing the code the Army hopes that other developers will eventually contribute to the project by offering additional modules for digital forensics and incident response activities.
“Outside of government there are a wide variety of cyber threats that are similar to what we face here at ARL. Dshell can help facilitate the transition of knowledge and understanding to our partners in academia and industry who face the same problems,” said William Glodek, Network Security branch chief for U.S. Army Research Laboratory (ARL).
Glodek says the Army has been looking into new avenues to engage and interact with the civilian digital forensic and incident response community through a collaborative platform, and the social coding website GitHub was the perfect choice.
“The traditional way of sharing software, even between government entities, can be challenging. We have started with Dshell because the core functionality is similar to existing publicly available tools but provides a simpler method to develop additional functionality,” Glodek said.
