We KNOW DevSecOps. We believe that automation is the way to confidently engineer both secure and compliant systems, while maintaining CI/CD goals. Our focus is on open source solutions, such as:
-Puppet -GitLab -SIMP -NiFi
Onyx Point is proud to employ some of the best and brightest minds in the DevSecOps field. We have the skills, certifications, and (most importantly) deep experience needed to develop and integrate technologies for today's security-conscious government and commercial environments. Whether you require DevSecOps consulting, RMF Automation, A&A guidance, or Security & Compliance services, our team is sure to exceed expectations and provide outstanding results.
Onyx Point specializes in all facets of DevSecOps automation, including implementation, annual support, professional services, and training. With Onyx Point, systems start compliant and stay compliant from Systems Development, to compliance certification and throughout production lifecycle.
e-fense provides Helix3, Live Response, and Aperio computer forensic software for law enforcement and first responders and Helix3 Enterprise for corporate security, e-discovery and computer forensic needs.
Skybox Security, Inc. is the leader in proactive security risk management solutions, providing automated, non-intrusive tools that detect, prioritize, and drive remediation of critical risks such as exposed vulnerabilities and firewall configuration errors. Skybox solutions prevent potential...
Core Security delivers market-leading, threat-aware, vulnerability, identity and access management solutions that provide the actionable intelligence and context needed to manage security risks across the enterprise.
Developed within the US Intelligence Community to address their A&A (ATO) and deployed system compliance challenges, SIMP has been released to the Open Source Community so others can leverage this cutting-edge DevSecOps framework. A&A Automation - SIMP shifts security compliance responsibility... Read more
An internal National Security Agency (NSA) research and development project created a new framework that emphasized two approaches. In the first, regular feedback is provided to developers about how various system design choices might cascade and ultimately impact security compliance. In the... Read more