Scientia personnel were among the first founding members of the federally-funded Honeynet alliance and were responsible for the development of the SEBEK and WALLEYE intrusion detection, monitoring, analysis, and forensic tools for Information Assurance.  The technology developed won numerous awards, including best paper and best paper runner-up at the IEEE Information Assurance Workshops held at the United States Military Academy.

Fundamental Elements of Information Assurance

Scientia personnel have multi-year experience in high-performance continent-scale network security for both the United States government as well as the research and education community.  In that role they have developed, proposed, and fielded a number of technologies addressing issues of malware fingerprinting, automated “phishing” detection through passive packet inspection, statistical network traffic analysis, network topology discovery and host and network-based intrusion detection and mitigation systems.  These technologies have been used by federal law enforcement and national security organizations for observing, tracing, recording, and prosecuting illegal and un-authorized use of information technology assets.

Specific areas of practice include consulting on engineering “best practices” with regard to producing inherently robust IA-compliant software, system penetration testing and evaluation, cryptographically-secure inter-process and inter-machine communication, database reliability and survivability, and net-centric system, sensor, and infrastructure architecture, design, engineering, test, and deployment.  Scientia personnel have conducted federally-funded IA workshops and given presentations on IA technology and practices at venues such as West Point, Hamilton College, and the United States Air Force Research Laboratory.

At  Scientia we believe that, like reliability testing and performance maximization, Information Assurance must be an integral component of system design, engineering, and implementation from project genesis to project sunset.  We do not believe that Information Assurance can be added, without great cost, to projects in mid to late term development.  We believe that proper attention to all aspects of Information Assurance, from cybersecurity to information probity to system reliability, can and must be a primary component of any automated information or control system.