Case Study Hero Background

Case Study

Nimbis Services Establishes a Secured Splunk Footprint in AWS GovCloud

Customer: Nimbis Services

Industry: Business Services

Business Pain: Nimbis Services develops and operates a secure Trusted Silicon Stratus, a collaborative cloud platform and marketplace specifically supporting the trusted and assured microelectronics life-cycle for the Department of Defense and aerospace defense contractor community and is an approved microelectronics cloud platform. It provides a secure cloud service for government agencies to design integrated circuits for electronic weaponry in a private cloud community.

Beforehand, many engineers had independent silos on desktop computing, long wait times for software to be installed and licensed, low compute capacities and so forth. There were also many acute vulnerabilities to the microelectronics lifecycle that put the industry in major jeopardy of data comprises.

The Trusted Silicon Stratus cloud software platform product addresses the cyber-security concerns of the DoD and aerospace communities by tightly integrating with vulnerability, risk assessment and data provenance tracking tools such as blockchain. There are multiple security levels for accessing the Trusted Silicon Stratus.

A large part of the challenge to establishing this secure cloud platform included Splunk security and compliance solutions. TekStream helped Nimbis to establish a secured Splunk footprint in an AWS govcloud environment which included the full suite of Splunk security technologies, Enterprise Security, Phantom SOAR, User Behavior Analytics, and the CMMC compliance solution.

Key Pain Points:

Offering solutions for secure government facilities and specifically the U.S. Department of defense and contractor in the DIB.

  • Level 5 CMMC implementation to support the generation of CUI and proactive response to security threats.
  • Secured, scripted Terraform deployment of a Splunk environment in govcloud.
  • Onboarding of all security related data on an enterprise-wide basis.

Challenges:

As Nimbis is responsible for generating Controlled Unclassified Information, they are required to adopt the highest level of CMMC compliance. They are directly dealing with the DOD and the Defense Industrial Base so they needed to adopt a superior security / CMMC solution in that context. This included CMMC level 5, FedRAMP (IL4), and RMF ATO.

They required the ability to establish a secured environment for chip design and workflow in a dynamic cloud environment.

They had to provide visibility to security detection and response throughout the entire supply chain process to prevent malware and any unauthorized modifications or intrusion into related processes.

How we fixed it:

The most comprehensive security/compliance monitoring and response solution on the market, bar none, is the Splunk security suite. It can be implemented in weeks for a level 3 solution, or a couple of months for higher-order compliance levels.

  • A unique compliance approach that focused on implementing an automated solution first, and follow on gap analysis to smooth the path towards compliance and reduce analysis cycles.
  • Incremental levelling up of CMMC compliance levels
  • Proactive non-compliance alerting as well as security IOC detection and response
  • Scripted infrastructure in a Terraform AWS environment
  • Splunk clustered indexing environment
  • Data onboarding for relevant sources
  • Implementation of MITRE use cases / correlation searches
  • Implemented UBA use cases
  • Provided playbooks for key automated response use cases

Nimbis is now prepared for level 5 CMMC attestation when it becomes available. They have the ability, in a secure AWS govcloud environment, to respond to critical threats. They have established, with the CMMC solution layered on top of Splunk security solutions, a snapshot of compliance at any point in time as well as an ongoing culture of compliance and secure cloud computing infrastructure, over the course of two months.

RPO (Recruitment Process Outsourcing): Our RPO service adapts to your fluctuating staffing demands with cutting-edge recruitment technology.
Recruiting

Leading Federal Financial Institution Addresses Hiring Surges

The AWS team at TekStream deployed AI/ML services to automate capture and validate form data using a customized Intelligent Document Processing engine. Forms are aligned and OCR operations on text, form data, table information, signature detection and keyvaluepair data extraction are performed. The full form package and JSON of all relative data are sent to Salesforce, where a custom interface highlights indicators of questionable data using geometry location tags and artificial intelligence confidence on the accuracy of collected values.
AWS

AI/ML Cures Manual Processing Pains

Working through TekStream’s proven in-depth discovery and needs assessment process, a suite of AWS tools that effectively addressed SGK’s issues was identified. TekStream leveraged AWS to create an Intelligent Document Processing (IDP) solution that reviews printing proofs, extracts and stores key information and recognizes and performs language translation as needed.
AWS

SGK Document Processing Solution

TekStream’s assessment of Main Line Health’s MDR system immediately identified Splunk best practices to implement. Documentation of the new application architecture was created to improve visibility and put Main Line Health in control of its MDR system and Splunk ecosystem.
Splunk

Main Line Health Splunk MDR

Recruiting

TekStream RPO for a Top Financial Institution

Splunk

Vulcan Materials MDR Solution