SDV INTERNATIONAL delivers positive results for our customers. We provide solutions based on integrated commercial products, custom development, and information systems operations and maintenance. Our subject matter experts offer leading information technology solutions and services, business transformation, strategic consulting, application development, and managed services that provide highly effective, cost-saving capabilities to our public and private sector customers.
SDV INTERNATIONAL experts specialize in a wide range of cloud computing enclaves, and our security team recently completed security control selections and ATO packages for an entirely new department-wide application at the Department of Veterans Affairs, which is hosted in the FedRAMP Amazon Web Services (AWS) cloud.
SDV INTERNATIONAL's executive team brings years of technology experience to your organization. We provide end-to-end consulting for today’s most challenging technology problems.
SDV INTERNATIONAL enables clients to protect information systems and data, provides expert cybersecurity solutions, and supplies intelligence monitoring and analysis. SDV INTERNATIONAL’s staff includes cleared and credentialed subject matter experts in penetration testing, information assurance, signals intelligence, and full-spectrum computer network operations. We enable both private and public sector clients mitigate the risk and impact of cyber attack. Drawing on our cutting edge expertise gleaned from supporting global organizations, our staff crafts realistic and effective strategies for dealing with the modern cyber threat.
Over the past 7 years we’ve sourced, screened, interviewed, and maintained dialog with hundreds of qualified candidates throughout our practice areas. Let us use our hard work and relationships to build a great team for your project.
Highlight: SDV INTERNATIONAL is a protege of IBM Corporation, and is an officially registered staffing firm for IBM's commercial and federal practices.
Whether it’s the implementation of an off-the-shelf product or a custom-developed solution, we can develop a solution for your organization. In addition, SDV INTERNATIONAL has extensive expertise in ensuring compliance with FISMA and the multitude of security overlays required to attain federal Authority to Operate for new information systems.
mSDV INTERNATIONAL builds custom applications that leverage one of today’s most ubiquitous mobile devices.
Did you know?
- Google announced that in 2014, the number of mobile devices that accessed Google exceeded the number of desktop searches for the first time.
- A third of DOD’s contract specialists were under 34 years old in 2012. They are millennials who prefer mobile devices, based on many studies.
A selection of technology White Papers...
SDV INTERNATIONAL enables clients to protect information systems and data, provides expert cybersecurity solutions, and supplies intelligence monitoring and analysis. SDV's cleared, credentialed and talented subject matter experts deliver penetration testing, information assurance, signals intelligence, and full-spectrum computer network operations. Drawing on our cutting edge expertise gleaned from supporting elite global organizations, our staff crafts realistic and effective strategies for dealing with the modern cyber threat.
From our on site workforce to our top corporate leadership, we know how to manage security programs. For example, SDV INTERNATIONAL's President, holds a Master of Science degree in Cybersecurity, and is a Certified Information Systems Security Professional (CISSP), a Certified Project Management Professional (PMP), and DoD Information Assurance Technical Level III Certified (IAT-III) and Information Assurance Management Level III Certified (IAM-III). Our team's expertise includes, but is not limited to research and projects in:
Cyberspace and Cybersecurity - cyber architecture, cyber services, protocols, algorithms, hardware components, software components, programming languages, various cybersecurity mechanisms, business continuity planning, security management practices, security architecture, operations security, physical security, cyber terrorism, and national security.
Prevention and Protection Strategies - prevention of cyber-attacks, including countermeasures based in training, encryption, virtual private networks, policies, practices, access controls, secure systems development, software assurance arguments, verification and validation, firewall architectures, anti-virus, patching practices, personnel security practices, and physical security practices. We also have extensive experience with business continuity plans and disaster recovery plans (BCP, DRP), including strategies for large-scale prevention, including critical infrastructure protection, international collaboration and law enforcement.
Monitoring, Auditing, Intrusion Detection, Intrusion Prevention, and Penetration Testing - intrusion detection and prevention in cyberspace, including network security, monitoring, auditing, intrusion detection, intrusion prevention, and ethical penetration testing. Developmental applications have included Intrusion Detection Systems (IDS), rule creation and application, penetration strategies, and continuous monitoring strategies.
Digital Forensics and Cyber Crime Investigation - computer forensics, network forensics, cell phone forensics, and other types of digital forensics, with focus on identification, collection, acquisition, authentication, preservation, examination, analysis, and presentation of evidence for prosecution/defense purposes.
Cyber Event Modeling and Simulation - developing, leading, and implementing effective enterprise-level and national-level cybersecurity programs, with focus on establishing programs that combine technological, policy, training, auditing, personnel, and physical elements. Modeling and simulation research and exercises include challenges within specific industries (e.g., power grid, health, banking, finance, and manufacturing). Modeling and simulation research and exercises include intense focus on architecture, risk management, vulnerability assessment, threat analysis, crisis management, security architecture, security models, security policy development and implementation, security compliance, information privacy, identity management, incident response, disaster recovery, and business continuity planning. (Related Terms include: Cybersecurity Modeling and Simulation, CyberWar Games, Red Team, Blue Team, and Orange Team.)
Penetration Testing and Analysis - Our evaluations staff will conduct active analysis of the security of web applications, client computer systems, and networks in order to identify potential vulnerabilities. Following these tests, which are designed in detail with the client to ensure trust and strong communications, SDV INTERNATIONAL will fold the results of the evaluations into a robust risk analysis package.
Cybersecurity Consulting and Training - These services include, but are not limited to, information assurance and cyber defense (applied and active). Our consultants assess vulnerabilities based on proven risk analysis models. Our recommended countermeasures can be implemented through training programs that cater to various roles and levels of professional expertise, from flag officers and CEOs, to downrange tactical teams and other operations professionals.
OSINT Monitoring and Countermeasures Targeting - As part of our risk analysis, SDV INTERNATIONAL formulates targeting matrices tailored to our client organization to sketch and follow possible threats via analysis of real-time monitoring of threat streams.
Logical & Physical Access Controls - As organizations move quickly to adopt PKI-based integrated physical access control systems [PACS], there is a critical need for integrators and consultants to demonstrate expertise in designing and overseeing the implementation of these environments. Securing public and private sector facilities requires robust identity credentials that are both resistant to fraud and meet the standards of an official certification process. SDV INTERNATIONAL can help your organization leverage PKI-based identity credentials to reduce the total cost of securing facilities while delivering the efficiency and protection of an integrated approach to physical access control. Our trusted PACS services will enable you to extend investments in PKI for logical access to existing and planned PACS infrastructure, and harmonize the integrity and security of facilities with your cybersecurity programs. We support all products from the CertiPath Approved Products List, as well as other DoD suppliers.
Our experts place a strong emphasis on Cybersecurity, and incorporate a NIST standards and guidelines into our projects. We support many enclaves, and are known for success in the following areas:
- Developing System Security Plans (SSP), from inception to ATO/IATO. Developing gap analyses and plans of action and milestones to prepare commercial systems for entry to government capability and GRC (i.e. FISMA compliance).
- Providing support to migrate from DIACAP to RMF, including crosswalk strategies.
- Supporting DISA eMASS, providing visibility into authorization packages, wizard functions, linear workflows and approvals.
- Implementing STIGs for various products, using DISA STIG Viewer, ConfigOS STIG remediation for Redhat Linux, Windows, etc.
- Providing support with Governance, Risk and Compliance (GRC) tools to meet the following compliance and configuration auditing requirements: PCI, HIPAA/HITECH, NERC, FISMA, GLBA, SOX, CERT, CIS, COBIT/ITIL, DISA STIGS and NIST.
- Utilizing Security Content Automation Protocol (SCAP), the NIST methodology used to evaluate vulnerability management, measurement, and policy compliance of security software solutions and NIST requirements to: define settings (XCCDF); evaluate targets (OVAL); determine whether targets are applicable for a (CPE); examine Common Vulnerabilities and Exposures (CVE); examine Common Configuration Enumeration (CCE); generate standardized reports (ARF); utilize Common Vulnerability Scoring System (CVSS); and utilize the Trust Model for Security Automation Data (TMSAD) to describe a common trust model that can be applied to specifications within the security automation domain.
- Deploying Tenable Nessus Cloud, Nessus Manager and Nessus Professional for asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery, and vulnerability analysis, including strategic Agent-based scanning of online and offline devices.
- Supporting Tenable Security Center (NIST SCAP 1.2 compatible) to consolidate and evaluate vulnerability data across organizations, prioritizing security risks and providing a clear view of security posture. Developing customized dashboards and reports, and Assurance Report Cards (ARCs) to visualize, measure and analyze the effectiveness of security programs for Governance, Risk and Compliance (GRC). Communicate ARCs and other Score Cards to top organizational leadership and technical staff.
- Supporting Tenable SecurityCenter Continuous View (SecurityCenter CV) to collect data from multiple sensors to provide advanced analysis of vulnerability, threat, network traffic and event information and deliver a continuous view of IT security across your environment, generating information needed to continuously adapt and improve security posture to protect organizations.