PENETRATION TESTING
External and/or Internal Penetration Tests (Web Applications Included)
What’s Included:
- Penetration Test
- Retest of Discovered Vulnerabilities
- Executive Report
- Technical Report – Complete with Mitigation Strategies and Technical Recommendations
Include Social Engineering:
- Email Campaign (Optional)
SECURITY CONTROLS ASSESSMENTS
H2L has expertise in:
- Scanning and Data Collection
- Enterprise Mission Assurance Support Service (eMASS) generating reports detailing compliance versus non-compliance for each NIST SP 800-53 Control Correlation Identifier (CCI).
DFARS 252.204-7012
- Compliance Gap Analysis
- Policies and Processes Development and Documentation
- CUI Data Classification and Management
- Adequate Security Consulting
- Cyber Incident Response Plan Development
- Prime Contracting Strategy and Consulting
- Subcontractor Compliance Management
- NIST 800-171 Implementation Vulnerability Assessment
SOFTWARE DEVELOPMENT LIFECYCLE
H2L has experience with:
- Implementing and leveraging various SDLC models
- Designing, developing, and implementing software packages as well as troubleshooting, debugging, and implementing code while adhering to security best practices and software assurance requirements.
RISK MANAGEMENT FRAMEWORK
- RMF Categorization Guidance
- Migration from DIACAP to RMF
- Implementation Plan
- Risk Assessment
- Package Creation: Artifact Development
- eMASS Navigation POA&M Management
ARCHITECTURE AND ENGINEERING
H2L Solutions’ subject matter experts can help your A&E firm ensure compliance with DoD standards at any stage of the project:
- Tailoring of specifications during Design
- Implementation of technical solutions during Construction
- Independent verification of functioning controls
- Documentation during Commissioning.