- About Us
- Contact Us
Torch uses IA best practices and processes to develop, implement, monitor, and analyze Controls Validation Testing (CVT), Certification and Accreditation (C&A), and Computer Network Defense (CND). We routinely produce the following: comprehensive DIACAP packages; “QuickLook” Scan-Only reports; Connection Authorizations; Authorizations to Operate; and Authorizations to Test. We organize the data generated from these tests for storage and sharing using tools such as eMass and an enhanced Enterprise SharePoint solution. In addition, Torch performs network scans using equipment and software algorithms such as eEye Digital Retina, Assured Compliance Assessment Solution, and NEXPOSE vulnerability scanners. Torch uses its proven processes and tools to accomplish event detection & reporting, containment, response, recovery and post-incident analysis. Our specific capabilities in this area include the following:
Implementation of application security using tools such as Fortify 360 for automated source code analysis to detect common vulnerabilities.
Use of local and network scanning tools to assist in overall analysis in order to determine the true risk of threats and vulnerabilities.
Implementation, administration, support, and management of DIACAP and RMF transition; along with other federal cyber security compliance mandates such as Federal Information Security Management Act of 2002 (FISMA), Federal Information Processing Standards (FIPS) Publications, and NIST Special Publications (800 Series).