News

Nexagen provided design, development, and maintenance of software applications, databases, and SharePoint portal for NWDC. Under this Task Order, Nexagen also provides IT/Helpdesk, COMSEC, and Help Desk support for the NWDC.

As a subcontractor to Prime, Nexagen provided Cybersecurity and A&A (previous Certification and Accreditation) expertise for several different Manned and Unmanned BCT-M vehicular Information Systems. These included Network Integration Kit (NIK), Tactical and Urban Unattended Ground Sensors (T/U-UGS), Small Unmanned Ground Vehicle (SUGV), Class I Unmanned Air System (UAS), Common Controller (CC), IO Kit and Incremental Battle Command Extension (IBEX) systems. Our roles and responsibilities included the following tasks:

Security Engineering Support: We provided requirements engineering for the Army BCT-M program. System IA requirements were derived from DoDI 8500.2, Army Regulation 25-2, DoD 5XXX series of policies, and DCID 6/3 PL3 and higher.

IA requirements non-compliance cases: performed Security Risk Assessments and derived get-well plans for IA requirement non-compliancy cases for review by the ISSM and SCA-V.

NSA/NIAP/NIST Certification: We developed the CDS certification documentation package for the NIK Dual Enclave configuration in support of the NSA-guided CDS Certification Test & Evaluation (CT&E). We also developed the Key Management Plan (KMP) for the CC Data At Rest (DAR) solution to be NIST Certified. Developed the Security Target for System of System Common Operating Environment (SOSCOE)’s NIAP certification.

Software Assurance: We developed guidance on Malicious Code Detection and Risk Management Process for BCT-M. We derived Software Assurance Section for BCT-M Software Development Plan (SDP). We also performed security risk assessments on reuse software types for BCT-M Software Configuration Control Board (SCCB) review and concurrence.

Self-Assessor Support: Conducted Self-Assessment ensuring robust secured System of System (SoS) implementation for ATO decision.

Certification and Accreditation Documentation Support: Developed and maintained Certification & Accreditation Documentation.

As a Prime, Nexagen provided Cybersecurity/RMF services to SSC Pacific customer (DHS, USCG, Navy, Army, NSA). Under this contract, we have been awarded ten task orders to provide full life-cycle A&A/C&A services complying with DoDI 8510.01 (DoD RMF), DoDI 8500.01 (DoD Cybersecurity), NIST 800 Series, DoDI 8500.02, DoDI 8510.01(DIACAP), DoDD 8115.02, CNSSI 1253. Our duties included the following:

• Conducted Security Test and Evaluation on various USCG and NAVY Platforms, ex: Fast Response Cutter (FRC) 14/15, USCG National Security Cutter (NSC), USCG minotaur, Munroe, CG-SAIL, CPA NSC, CG Declass

• Provided SCA-V support on National Museum of Health and Medical Local Area Networks (NMHM LAN)

• Provided Cybersecurity support to DHS FMSII project.

• Provided Cybersecurity support on Navy Data Center Infrastructure Cyber Support, SSC Pacific Navy Data Center Infrastructure (SNDCI)

• Provided self-assessor support on Navy Data Environment (NDE) 3.0 suites of application software for ATO decision.

• Assisted SSC Pacific to develop and maintain inhouse developed Windows and Unix vulnerability scanning tools called Designated Windows Architecture Risk Framework (DWARF) for Windows and Automated Capture Toolset (ROSE) for Unix/Linux.