Telos is a world-class provider of information assurance and security solutions to government and commercial customers. Offerings include cybersecurity consulting services,compliance and security process automation with Xacta IAManager, and security process and solution training.

XACTA® IA MANAGER:IT GRC THROUGH ADVANCED SECURITY PROCESS AUTOMATION

Winner of the 2009 Government Security News Homeland Security Award for Best Security Compliance, Auditing, Vulnerability Management Solution, Xacta IA Manager is a continuous risk management framework that automates and enforces IT security processes across the enterprise. It combines the industry-leading security compliance and continuous risk assessment functionality with powerful process automation to establish a centralized IT governance, risk, and compliance (IT GRC) platform.

Xacta IA Manager offers IT risk assessment, security authorization, and C&A automation in accordance with DIACAP, NIST 800-37, DCID 6/3, CNSS 1253, ISO 27001/2, COBIT, HIPAA, PCI and other IT governance and IT security evaluation methodologies & criteria. Xacta IA Manager: Continuous Assessment provides operational relevance and features automated test execution and scheduling for continuous monitoring of security controls. It offers validated FDCC Scanner SCAP capabilities to ensure approved configuration management profiles are in place and all patches are up to date.

INFORMATION ASSURANCE

Industry Leading Information Assurance and Security Solutions

Organizations benefitting from Telos IA solutions

• US Air Force

• US Army

• US Marine Corps

• US Navy

• US Department of Energy

• US Department of Homeland Security

• US Department of Justice

• US Department of State

• US Department of Treasury

• US Intelligence Community

• Financial Services and Healthcare Organizations

• Various Fortune 500 Companies

For more information:For pricing or other information, please send an e-mail to info@telos.com or call 877.409.2282

www.telos.com®

CYBERSECURITY CONSULTING, AUTOMATION, AND TRAINING

INFORMATION ASSURANCE SOLUTIONS

Among the customers employing Telos IA Services are: • USAITA’s Pentagon operations, where Telos

designed the security infrastructure • Army CECOM Software Engineering Center (SEC)

with certification and accreditation (C&A) services • USAF Application Software Assurance Center of

Excellence (ASACoE), for which Telos developed the applications assessment processes and methods. ASACoE successfully executed over 180 application assessments in its first eighteen months of operation.

• Navy SPAWAR Systems Center, which reduced the timeframe of the Navy Medical C&A effort from three years to two with nearly all enterprise sites receiving the required authority to operate (ATO).

Telos IA consultants have received numerous commendations from DoD, federal agencies and commercial customers for their oustanding performance.

CYBERSECURITY CONSULTING SERVICES

With over twenty years experience in the most demanding security-conscious organizations, Telos is recognized among the most qualified information security consulting practices. Over 140 security engineers and analysts, cleared up to TS-SCI, make up the Telos Cybersecurity services team. Most are CISSP certified, with Subject Matter Experts who monitor news, events and regulatory changes related to specific security areas and technologies.

Telos completes hundreds of C&As each year using a unique methodology that has gained acceptance by all authorities supported – including Authorizing Officials, Certification Agents, Designated Accrediting Authorities, Certifying Authorities, Designated Approving Authorities, and Agents of the Certification Authority – helping customers to fully comply with DIACAP, NIST 800-37, DCID, and JAFAN.

Cybersecurity assessment, engineering, and operation services are available on both a fixed price and a time and materials basis.

CYBERSECURITY ASSESSMENTS

• C&A and governance, risk and compliance

• Vulnerability and risk assessment

• Application-level security services

• Penetration testing

CYBERSECURITY ENGINEERING

• Vulnerability identification and analysis

• Vulnerability remediation and mitigation

• Security architecture design and implementation services

CYBERSECURITY OPERATION

• Incident response and reporting

• IASO/IAM support: policy and procedure development

• Security tool deployment and management

Architecture DescriptionArchitecture Reference

Models

Mission/Business Processes

Segment and Solution Architectures

Information System Boundaries

Organizational InputsLaws, Directives, Policy

Guidance

Strategic Goals and Objectives

Priorities and Resource Availability

Supply Chain Considerations

Step 2

SELECTSecurity Controls

Step 3

IMPLEMENTSecurity Controls

Step 5

AUTHORIZEInformation System

Step 6

MONITORSecurity Controls

Step 4

ASSESSSecurity Controls

Step 1

CATEGORIZEInformation System

RiskManagementFramework

ProcessOverview

Starting PointREPEAT AS NECESSARY

The NIST Risk Management Framework (RMF) provides a structured approach to managing risk throughout a system’s life cycle. Telos adheres to the RMF in all of

its Information Assurance services and solutions.

Source: NIST 800-37, Rev 1

TRAINING FOR SOLUTIONS AND STANDARDS IN IT RISK COMPLIANCE ASSESSMENT

Telos’ experience has given us a unique understanding of our customers’ goals, processes, resources, and risks. This is the foundation of a program designed to fully address your IA training needs. The Implementing DIACAP and NIST Risk Management Framework courses incorporate hands-on instruction and collaborative learning labs, evaluation fundamentals, system boundaries, threat identification, vulnerability and security controls, process overview, and the step-by-step development of a security evaluation package. These courses walk through each of the applicable process phases, activi-ties, or steps, and all product courses include extensive hands-on labs. Classes are regularly offered at Telos’ headquarters in Ashburn, VA. We also offer training at customer locations, customized courses, and Web-based tutorials.

Telos offers the following training:

• DIACAP instruction for theDepartment of Defense

• NIST Risk Management Framework instruction in support of executive agencies of the federal government and their contractors

• Xacta IA Manager instruction forusers and administrators of Telos’ secure solution

To view the current training calendar or to register for a class, please visitwww.telos.com

Telos IA consultants have received numerous commendations from DoD, federal agencies and commercial customers for their oustanding performance.

Source: NIST 800-37, Rev 1

Telos is a leading provider of advanced technology solutions that secure the vital assets of the world’s most demanding enterprises. Our customers include military, intelligence, and civilian agencies of the federal government and NATO allies around the world. We protect and defend the systems of our customers with information assurance solutions and services that ensure system availability, integrity, authentication, and confidentiality. Our security consultants protect some of the government’s most critical networks with full security assessment, security engineering, and cybersecurity management services.

Telos Corporation | 19886 Ashburn Road, Ashburn, VA 20147-2358 | 1.800.70.TELOS | 1.800.708.3567 | Fax 703.724.3865 | www.telos.com © 2011 Telos Corporation. All rights reserved. IAOVER-092011

Telos cybersecurity and Information Assurance solutions are available to federal government customers through the following contract vehicles:

• Telos GSA Schedule • DoD Enterprise Software Initiative• NETCENTS • Various agency-level blanket purchase agreements

ContaCt Us for More InforMatIon

info@telos.com

877.409.2282

www.telos.com

or follow us on Twitter @TelosNews or @TelosCyber