Case Study

Nimbis Services Establishes a Secured Splunk Footprint in AWS GovCloud

Customer: Nimbis Services

Industry: Business Services

Business Pain: Nimbis Services develops and operates the secure Trusted Silicon Stratus, a collaborative cloud platform and marketplace that specifically supports the trusted and assured microelectronics life-cycle for the Department of Defense and the aerospace defense contractor community, and that is an approved microelectronics cloud platform. It provides a secure cloud service for government agencies to design integrated circuits for electronic weaponry in a private cloud community.

Beforehand, many engineers had independent silos on desktop computing, long wait times for software to be installed and licensed, low compute capacities and so forth. There were also many acute vulnerabilities in the microelectronics lifecycle that put the industry in major jeopardy of data compromises.

The Trusted Silicon Stratus cloud software platform product addresses the cyber-security concerns of the DoD and aerospace communities by tightly integrating with vulnerability, risk assessment and data provenance tracking tools such as blockchain. There are multiple security levels for accessing the Trusted Silicon Stratus.

A large part of the challenge of establishing this secure cloud platform involved Splunk security and compliance solutions. TekStream helped Nimbis establish a secured Splunk footprint in an AWS GovCloud environment, which included the full suite of Splunk security technologies: Enterprise Security, Phantom SOAR, User Behavior Analytics, and the CMMC compliance solution.

Key Pain Points:

Offering solutions for secure government facilities and specifically the U.S. Department of Defense and contractors in the DIB.

  • Level 5 CMMC implementation to support the generation of CUI and proactive response to security threats.
  • Secured, scripted Terraform deployment of a Splunk environment in GovCloud.
  • Onboarding of all security-related data on an enterprise-wide basis.

Challenges:

As Nimbis is responsible for generating Controlled Unclassified Information, they are required to adopt the highest level of CMMC compliance. They are dealing directly with the DoD and the Defense Industrial Base, so they needed to adopt a superior security / CMMC solution in that context. This included CMMC level 5, FedRAMP (IL4), and RMF ATO.

They required the ability to establish a secured environment for chip design and workflow in a dynamic cloud environment.

They had to provide visibility into security detection and response throughout the entire supply chain process to prevent malware and any unauthorized modification of, or intrusion into, related processes.

How we fixed it:

The most comprehensive security/compliance monitoring and response solution on the market, bar none, is the Splunk security suite. It can be implemented in weeks for a level 3 solution, or a couple of months for higher-order compliance levels.

  • A unique compliance approach that focused on implementing an automated solution first, followed by gap analysis, to smooth the path towards compliance and reduce analysis cycles.
  • Incremental levelling up of CMMC compliance levels
  • Proactive non-compliance alerting as well as security IOC detection and response
  • Scripted infrastructure in a Terraform AWS environment
  • Splunk clustered indexing environment
  • Data onboarding for relevant sources
  • Implementation of MITRE use cases / correlation searches
  • Implemented UBA use cases
  • Provided playbooks for key automated response use cases

Nimbis is now prepared for level 5 CMMC attestation when it becomes available. They have the ability, in a secure AWS GovCloud environment, to respond to critical threats. Over the course of two months, with the CMMC solution layered on top of Splunk security solutions, they have established a snapshot of compliance at any point in time as well as an ongoing culture of compliance and secure cloud computing infrastructure.