Core Services

PonteTec is well-equipped to address the full scope of IA needs for its government and commercial clients throughout the entire security lifecycle. Its specific areas of expertise include:

Strategy and Policy
IT Security Planning & Strategy Compliance Processes
Risk Management IT Governance & Policy
Security Operations
Network Architecture Design Risk Assessment and Mitigation
Incident Response & Forensics Network & Application Security
Software Assurance Penetration Testing
Vulnerability Assessment Technology Evaluation
Advanced Defensive Technologies
Crypto Protocol Analysis & Design Windows Error Reporting Analysis
Custom Code Solutions Trusted Computing
Netflow Analysis


Support to the Defense Industrial Base Cyber Security/Information Assurance Program

The Department of Defense (DoD) and Defense Industrial Base (DIB) are losing critical information to foreign adversaries, largely due to the successful exploitation of DIB unclassified networks. Due to the combination of motivated attackers, a lack of effective defensive capabilities, and our nation’s reliance on global/Internet communications, this advanced and persistent threat (APT) has had little trouble compromising its DoD/DIB targets.

Ponte Technologies (PonteTec) has deep technical and domain knowledge, firsthand experience helping the DIB defend against this APT, and extensive understanding of IT (Information Technology)/IA (Information Assurance) issues. With this experience base, we’re able to serve our clients as a trusted third party, providing proven expertise in the IA investment process needed to address the Program’s requirements.

Our approach effectively locates sources and effects of intrusion, mitigates risks of compromise due to APT, and enhances an organization’s IA capabilities in a cost efficient manner:

Framework Agreement Planning
  • Agreement review and negotiation guidance to ensure fairness and compliance
  • IT/IS budget planning to meet Agreement requirements
  • Guidance in contract execution
Incident Response
  • Digital forensics to discern extent of damage
  • Advanced intrusion analysis (e.g., netflow, WER) to identify compromise
  • Tactical countermeasures to stop the bleeding
Security Risk Assessment
  • Evaluation of architecture, policies, and operations to baseline current situation
  • Vulnerability assessment and penetration test to assess security posture
  • Gap analysis to identify weaknesses and shortcomings
IA Strategy Development
  • Creation of a Deter, Defend, Detect, Respond strategy to address future attacks
  • Guidance for an effective analysis framework to empower security analysts
  • Creation of reporting, recovery, and training methodologies to prepare workforce