Cybersecurity Professionals

We implement, test, administer and sustain cybersecurity solutions.

Defending our nation on the battlefield of tomorrow.

H2L Solutions has a staff of information security professionals skilled in the development and management of cybersecurity programs. Our professionals assist our clients with multiple layers of information assurance and cybersecurity requirements.

We also guide the completion of a variety of processes:

  • DoD Risk Management Framework (RMF)
  • Certificate of Networthiness (CoN)
  • DFARS 252.204-7012 assessments

Our professionals hold certifications that satisfy both Information Assurance Technical (IAT) and Information Assurance Manager (IAM) levels I through III:

  • ISC2 Certified Information Systems Security Professional (CISSP)
  • ISACA Certified Information Security Manager (CISM)
  • SANS GIAC Certified Incident Handler (GCIH)
  • EC-Council Certified Ethical Hacker (CEH)
  • CompTIA Security+
  • CompTIA Network+
  • Microsoft Certified Technology Specialist (MCTS)
  • Microsoft Certified IT Professional (MCITP)

H2L Solutions developed and markets a “customer tailored” hardware/software solution set to meet the DFARS 7012 regulatory compliance requirements for cybersecurity. Solution and compliance integration services have been sold to and implemented for companies across the country.

Cybersecurity Solutions

1. Cyber Security Services

  • Cybersecurity (Information Assurance)
  • Penetration Testing
  • Network Security
  • Cyber Threat Analysis and Mitigation
  • Vulnerability Assessment
  • Risk Management Framework
  • System Security Plan
  • Network Management
  • IA Requirements and Strategy
  • Risk Assessment and Mitigation
  • Disaster Recovery Planning

2. Safeguarding CDI: DFARS 252.204-7012 and NIST 800-171

  • Compliance Gap Analysis
  • Total Compliance Lifecycle Management
  • Verification and Validation
  • Cybersecurity Risk Management Plan Development
  • Compliance Strategy Development
  • Policies and Processes Development and Documentation
  • UCTI Data Classification and Management
  • Adequate Security Consulting
  • Cyber Incident Response Plan Development
  • Prime Contracting Strategy and Consulting
  • Subcontractors Compliance Management
  • Risk Management
  • Role and Scenario Based Training

DFARS 252.204-7012 Requirement: H2L Solutions Is Ready. Are You?

FEATURED SERVICES

PENETRATION TESTING

External and/or Internal Penetration Tests (Web Applications Included)

What's Included:

  • Penetration Test
  • Retest of Discovered Vulnerabilities
  • Executive Report
  • Technical Report - Complete with Mitigation Strategies and Technical Recommendations

Include Social Engineering:

  • Email Campaign (Optional)

OCIE PRE-EXAMINATIONS

  • Policy and Procedure Development
  • Technology Solution Implementations
  • Strategic Vulnerability Management Plan
  • Cost-Effective Continuous Monitoring and Incident Response Plans
  • Risk Assessments
  • Data Loss Prevention Solutions
  • Employee Awareness Training
  • Media Protection Strategies

DFARS 252.204-7012

  • Compliance Gap Analysis
  • Policies and Processes Development and Documentation
  • CUI Data Classification and Management
  • Adequate Security Consulting
  • Cyber Incident Response Plan Development
  • Prime Contracting Strategy and Consulting
  • Subcontractor Compliance Management
  • NIST 800-171 Implementation
  • Vulnerability Assessment

SECURITY ENGINEERING

  • Identify System Security Requirements
  • SIEM Implementation Strategies
  • Cyber Security Consulting
  • Security Solution Development Strategies
  • Security Standards Engineering and Implementation
  • System Security Architecture Design
  • Security Tools Implementation Strategies (Nessus, Rapid7, etc.)

RISK MANAGEMENT FRAMEWORK

  • RMF Categorization Guidance
  • Migration from DIACAP to RMF
  • Implementation Plan
  • Risk Assessment
  • Package Creation: Artifact Development
  • eMASS Navigation
  • POA&M Management

CYBER THREAT ANALYSIS AND MITIGATION

  • Continuous Log Aggregation
  • Log Correlation
  • Signature/IOC Database Updates
  • IDS Monitoring 24/7/365
  • HIDS Monitoring 24/7/365
  • 365-Day Log Retention
  • OSINT for Real-Time Tracking of Latest Threats
Hacking

Penetration Testing: Ethical Hacking, and Why That’s Not an Oxymoron!

Ethical hacking, also known as penetration testing, is the process of legally breaking into computers and devices to test an organization’s defenses. Companies implement this process to test their defenses and identify any system flaws or weaknesses. If penetration testers hack into and beyond the current defenses, this process offers the client a chance to […]

Cybersecurity

The White House’s New National Cyber Strategy: How It Impacts Government Contractors

President Donald Trump revealed a new National Cyber Strategy centering around four pillars of priority in September 2018. The strategy includes two main areas of impact for government contractors:

  • Strengthen Federal Contractor Cybersecurity
  • Improve Federal Supply Chain Risk Management

The Four Pillars

The National Cyber Strategy follows the release of the May 2017 […]

Vulnerability Scanning

The Differences Between Vulnerability Scanning and Penetration Testing

Vulnerability Scanning and Penetration Testing are two different things in the world of cyber security. Both are important in their respective roles, needed in cyber risk analysis, and required by standards such as PCI, HIPAA, and ISO 27001. Vulnerability Scanning and Penetration Testing depend primarily on three different factors:

  • Scope
  • Risk and criticality of assets
  • […]
