The CYBER DEFENSE CENTER offers strategic Services as part of the DEFEND program to fulfill our mission. Services represent how we deliver on our Collective Defense vision. Services available under the DEFEND program are what CYBER DEFENSE CENTER does to help the community, many times at zero cost. The DEFEND program represents half of our mission.
Our services from 2012-2021 were primarily research focused. As of April 2022, the following services are now available to the community and critical infrastructure as a result of over a decade of research. We have created innovative ways to measure, improve, and test your cyber defense force posture. If you are seeking a consultation, please contact us directly. Our contact information is available on the ABOUT page.
This listing represents our core services. CYBER DEFENSE CENTER also offers other services to our ASCEND and DEFEND beneficiaries through strategic partnerships.
CYBER DEFENSE CENTER ASSURANCE provides a portfolio of path to certification services for assessing and optimizing your cyber operations. As you ASCEND, we recognize your achievements with our SECURE validation and/or FORTIFY certification seals. Whether you are one of our elite protection partners or a collective defense member, our assurance seals offer a new recognition for achievement that shows your company is indeed making a difference. CERTIFY TODAY!
CYBER DEFENSE CENTER INTELLIGENCE services provide a comprehensive view of cyber defense capabilities and performance that elevates existing cyber operations to a new plain of defense decision support. Visualize your cyber security with the CYBER DEFENSE CENTER reference architecture and our balanced maturity models. Apply up to 6 perspectives on your cyber defenses.
BETTER INTELLIGENCE. BETTER DECISIONS.
CYBER DEFENSE CENTER RESPONSE is a training and exercise platform for members to collectively engage in simulations to test their organization's readiness to cyber threats in real time. These services dive deeper than traditional training, red and blue team CTFs, or exercises. Collaborate on command and control, containment, suspicious code reviews, malware reverse engineering, attack intervention techniques, attribution, forensics, notifications, litigation support, and recovery support.
The CYBER DEFENSE CENTER performs RESEARCH activities to benefit and educate the community. Researchers test security flaws through our TESTING services, perform industry trending and analysis, sponsors villages at Defcon such as DRONEWARZ, builds test environments for training programs, designs new penetration testing platforms through FORCE LABS, and OT cyber defense research through DEFENSE CENTER.
The CYBER DEFENSE CENTER has a core ASEND mandate to perform COMMUNITY OUTREACH and raise awareness to cyber threats facing the community. Our OUTREACH efforts focus our mission on applied sciences by engaging the community for workforce development, collective defense, and public/private sector partnership. CYBER DEFENSE CENTER has founded FORCE4 as part of this mission to create a new select league for community cyber CTF competitions.
The CYBER DEFENSE CENTER performs security research and cyber defense TESTING on a contractual basis for several original equipment manufacturers and companies building or using unique to niche products that they want to expose to comprehensive security testing. We offer several testing options to choose from and uses the rules of responsible disclosure in communicating or facilitating bug/vulnerability disclosures to the impacted or responsible parties.
CYBER DEFENSE CENTER performs security research and cyber defense TESTING on a contractual basis for several original equipment manufacturers and companies building or using unique to niche products that they want to expose to comprehensive security testing. This includes traditional vulnerability testing with a much wider tool set, penetration testing, fuzzing, customized testing, and other advanced testing techniques to help you identify security weaknesses.
The CYBER DEFENSE CENTER TRAINS and certifies cyber security STAFF with OTSEC Cyber Defense Certifications, critical infrastructure WORKFORCE with Secure Workforce Awareness Training (SWAT), and COMPANIES and PRODUCTS with our Assurance Services offering your company verification and validation seals that recognize your cyber security achievements. The goal is to battle-ready your workforce against emerging cyber threats while providing a safe and secure experience.
The CYBER DEFENSE CENTER facilitates tabletops for WARTIME scenarios to help critical infrastructure organizations. We also assist companies with readiness, preparation, planning, and understanding variances between cybercrime and cyber conflict by advising on wartime restrictions and attacker motives. The CYBER DEFENSE CENTER will also help advise your company on response playbook development. Performing an exercise is an effective way to determine readiness.
Engage the CYBER DEFENSE CENTER today to see why SERVICES offered by not-for-profits are a force advantage to your organization.
Our ASSURANCE service provides our members and the community with a proven and battle tested methodology for aligning their cyber defense posture with their existing compliance goals. Our methodology uniquely balances the conformance needs of our members that are currently measuring cyber security compliance against using laws, regulations, or other third-party validation/certification programs with our performance-based security models. The CYBER DEFENSE CENTER ASSURANCE service recognizes the investments and work you have done on conformance initiatives to date and adds a layer that allows you to visualize your company's cyber defense posture. We contend that defense is not demonstrated or proven using compliance not though traditional vulnerability or penetration testing. We are also not stating that these approaches are not essential to defense. But we do know that companies that use these methods of measurement are still getting breached. So how can we change the way we demonstrate and measure defense that has the ability to stop breaches?
Our ASSURANCE services allows your company to select a path that works best for you. Whether you would prefer to apply our methodology and mature to measurement status to a product (SECURE validation) or show others how well your company is doing with our certification (FORTIFY), you will improve your cyber defense posture and optimize risk along the way. Companies also consistently experience a significant cost reduction (avoidance and savings) in their overall security technology portfolio due to the security tool rationalization process that accompanies our INTELLIGENCE reference architecture assessment. An expected outcome is that you will be able to do more with less. You will also find that what you do will have more focus. Our methodology has also increased security budgets 10-fold. This is accomplished with contextualism and perspective. You will gain a clear understanding of the balance between conformance and performance. You will also have visualizations of where defense capabilities are absent or not implemented.
INTELLIGENCE services provide a comprehensive view of cyber defense capabilities and functional performance that elevates existing cyber operations to a new plain of defense decision support.
The CYBER DEFENSE CENTER INTELLIGENCE service leverages a unique and comprehensive analysis methodology that we have developed that allows your company to look at your defenses in a comprehensive manner. Here is how we approach this analysis:
1) What defense capabilities are possible? - First, we start from a master list we have created of what is possible. We are constantly looking at emerging threats, what our members are doing, and technology trends to identify what is out there.
2) What defense capabilities do you own? Second, we rationalize your defense portfolio capabilities against our master list to identify what you can do.
3) What are you doing? - Third, we look at how you are using your defense capabilities to determine what you are doing.
4) Are your defense capabilities adequate? - Next, we use our defense maturity models to measure what you are doing against known and emerging threats.
5) How do your current capabilities compare? - We also look at what you could do with what you have (licensing or deployment) and if overlap exists or how they compare to each other.
6) What are you missing? - We then identify defense capabilities that you are missing to prevent, detect, interrupt, or respond to cyber threats.
7) Is what you are doing working? - Last, as part of certification or elective testing, we test your defense capabilities for effectiveness against all known threats.
Our INTELLIGENCE service analysis is then balanced against your strategy (what you want to do), costs (what you can do), risk (why you need it), and compliance (what you have to do). This analysis produces 6 output perspectives on security that define your company's cyber defense posture.
Visualize your cyber security with the CYBER DEFENSE CENTER reference architecture and our balanced maturity models. Companies that use this approach consistently experience a significant cost reduction (avoidance and savings) in their overall security technology portfolio due to the security tool rationalization process that accompanies our INTELLIGENCE reference architecture assessment.
An expected outcome is that you will be able to do more with less. You will also find that what you do will have more focus. Our methodology has also increased security budgets 10-fold. This is accomplished with contextualism and perspective.
The CYBER DEFENSE CENTER INTELLIGENCE service also performs in depth industry analysis on data breaches, cyber threats, vulnerabilities, privacy trends, legal trends, industry trends, and defense priorities. We aggregate multiple sources including data from our active and past engagements to provide baselines and model industry performance weaknesses.
RESPONSE services provide CYBER DEFENSE CENTER members with a training, simulation, and real-world exercise repository and platform for members to collectively engage in tests to better prepare their organization's readiness to cyber threats in real time.
RESPONSE services provide members with threat models, exercise scenarios, response playbooks, and interactive simulation environments. We know how you will be attacked, what threats you will likely be facing, and how to respond.
The CYBER DEFENSE CENTER has also taken these concepts much further to allow our INTELLIGENCE service to pivot capabilities to defense tactics. We use state of the art defense threat models such as the popular MITRE ATT&CK Matrix for Enterprise for threat informed defense and match these threats against intelligence driven defense capabilities and our exclusive models to derive a defense posture and where you may need to prepare for or gain practice with RESPONSE.
Our Secure Workforce Awareness Training (SWAT) allows your company to use gamified training and innovative awareness campaigns to engage your workforce in new and more effective ways. The goal is to extinct out the risky behaviors of our workforce while increasing desired and safe behaviors. The CYBER DEFENSE CENTER has adapted popular and effective organizational behavior strategies such as Antecedent Behavior Consequence (ABC) models with our Authoritative Principle (developed by the CYBER DEFENSE CENTER) to achieve workforce behavior measurement and modification like nothing you have ever experienced.
The CYBER DEFENSE CENTER has improved the popular Lockheed Martin Cyber Kill Chain methodology and adapted it for non-military targets by eliminating weaponization steps and adding Vulnerability, Payload and Conceal steps that are common in malware indiscriminate attacks with secondary exploits. This CYBER DEFENSE CENTER COMMERCIAL KILL CHAIN is more representative of how private sector will likely be attacked.
The CYBER DEFENSE CENTER RESPONSE service has mapped threats and defense tactics from MITRE ATT&CK to our KILL CHAIN. We have also enriched the model with your defense capabilities and maturity.
The CYBER DEFENSE CENTER has created the cyber defense force posture readiness and alert model for companies and communities in the United States and its territories. This Force Readiness model was derived from civil defense programs of the 20th century and NATO readiness articles (Article 3-5). This model is intended to help companies identify transitions in force posture strategy based on geo-political events or cyber-attacks in the United States. The RESPONSE service includes activation triggers and company advised response actions in events where Force Readiness levels reach Level 4 and Level 5.
The CYBER DEFENBSE CENTER specializes in WARTIME TESTING. We facilitate this level of testing for critical infrastructure organizations seeking to develop RESPONSE playbooks or better prepare and plan for the potential for CYVER Conflict or CYBER WARFARE.
The RESEARCH projects in this section are part of the CYBER DEFENSE CENTER research institute, Defense Center. The CYBER DEFENSE CENTER performs research activities to benefit and educate the community. Researchers can test security flaws, reverse engineer suspicious code, test collective defense capabilities, or publish statistical trend reports to help members prioritize annual defense initiatives. The past 10 years of RESEARCH has driven innovation projects such as those listed here:
Our cutting-edge OT cyber defense RESEARCH lab offers an environment for improving and testing OT defense capabilities and simulating and testing threats. The lab offers real Wind turbine power generation, Solar/photovoltaic (PV) power generation, Programmable logic controllers (PLC), Human machine interfaces (HMI), Distributed control systems (DCS), Remote terminal units (RTU), Pumps, Valves, Sensors, Pumps, Switches, Fans, and defense systems such as Firewalls, IDS/IPS, and new and advanced defense capabilities. We are adding Hydro power generation and Industrial Robots.
CYBER DEFENSE CENTER RESEARCH has sponsored several AI projects that are active for innovation and incubation at FORCE LABS. These include Evil GPT, Reverse Engineering Temperature scores used by plagiarism checking, and identifying AI generated code and content versus human generated code and content.
CYBER DEFENSE CENTER sponsored the drone and robotics hacking village at DEFCON (Dronewarz) for several years. Our RESEARCH yielded several new CVEs, testing for sensor attacks, forensic methods that are now incorporated into FTK and other platforms, new training programs offered by EC-COUNCIL, race security and cheat testing (Sponsored by DRL and MultiGP), and vulnerability/pen-testing. Although no longer at DEFCON, Dronewarz is still a program of CYBER DEFENSE CENTER and drone and robotics hacking and games reside at FORCE LABS. The Skyjacker I and II projects are deprecated, Skyjacker III is seeking a research sponsor. The Games are also open for additional research sponsorship. Research was also sponsored by Whitefox Drone Defense, Fat Shark, R00tz, Ettus Research, Drone Pilot Ground School, EC-Council, Set Solutions, and Novetta Research (now part of Accenture).
CYBER DEFENSE CENTER is actively sponsoring a RESEARCH project called Micr0wav3, which is a mobile pentesting kit designed to scan and test microwave communications. This specialized security testing capability will look at open and encrypted microwave wireless signals and stations for weaknesses and security control testing. Castle Rock Microwave is sponsoring this new capability to ensure it is build within FCC rules and regulations.
CYBER DEFENSE CENTER is sponsoring and building a new offensive capability for RESEARCH, Micr0wav3. As this testing capability evolves, the need for better defense will also emerge. Wave Guides is a theoretical microwave defense capability that can be deployed along side these communications platforms. Wave Guides may also be adapted for LTE and 4/5G communications and tower infrastructure security. This incubation initiative seeks to become an innovation project if technically feasible and funded.
CYBER DEFENSE CENTER is actively sponsoring a RESEARCH project that will be published at breachreports.org - Breach Reports are essential when researching, monitoring, and cataloging threats to communities, critical infrastructure, and the country. This innovation project focuses on creating a new catalog of historical breach reports by aggregating data from several sources with new and innovative criteria for analytics.
CYBER DEFENSE CENTER is building a new program based on historical RESEARCH, Alertnetwork.org - The CYBER DEFENSE CENTER is deigning a new public/private sector alert network for cyber defense force posture readiness alerts, news, and member advisories. This Information Sharing service includes several partners to provide members with threat intelligence that surpasses open-source providers and current sector information security and analysis centers.
CYBER DEFENSE CENTER is building attack5.com based on historical RESEARCH - The CYBER DEFENSE CENTER is developing new technology platform to assess defense capabilities for detection, prevention, and intervention in real time. Intervention readiness reveals a company's readiness to engage an active threat rather than simply responding to threats that have already occurred. The goal is to measure intervention and the incident response team's ability to disrupt an attack. This incubation initiative seeks to design the new attack5 TESTING platform.
CYBER DEFENSE CENTER is building cloudstrike.org based on historical RESEARCH - The CYBER DEFENSE CENTER has designed a new hybrid cloud testing capability, Cloud Strike. Designed to attack and test resources and services across multiple cloud platforms, this new incubation initiative identifies an integrated approach to fulfill this potential innovation project goal. CloudStrike may or may not be integrated into the attack5 platform.
CYBER DEFENSE CENTER is building and incubating stealthstrike.org and rapidstrikes.com based on historical RESEARCH - The CYBER DEFENSE CENTER has designed a new service to test wartime attack simulations as part of or independent of the new attack5 platform. Wartime attack motives such as Espionage, Social, Economic, Sabotage, Disruption, and Domain Control are not part of current penetration testing playbooks. Stealth Strike and Rapid Strikes builds out this new capability.
CYBER DEFENSE CENTER is building and incubating exploit5.com based on historical RESEARCH - This historical RESEARCH has already yielded a capability model to provide a comprehensive view of cyber defense capabilities and functional performance that elevates existing cyber operations to a new plain of defense decision support. Exploit5, as part of the attack5 platform, is being incubated to test the effectiveness of participantdefenses at nearly any layer of the technology architecture. This is a new type of Red Teaming and Pen testing that includes wartime exploits.
DRONEWARZ is a community research, training, workforce development, and COMMUNITY OUTREACH initiative. DRONEWARZ was the official drone and robotics hacking village at DEFCON from 2014-2019. This initiative began as a education initiative as part of R00tz (Defcon for kids) then expanded to a full village. Research led to current Drone hacking training provided by EC-COUNCIL.
FORCE LABS is a community research, COMMUNITY OUTREACH, and workforce development initiative. CYBER DEFENSE CENTER has built a lab where the community can collaborate on cyber security, training, and community projects with a purpose. Force Labs also partners with several other charities to future proof giving.
FORCE4 is a research, COMMUNITY OUTREACH, and workforce development initiative. CYBER DEFENSE CENTER designs unique CTF challenges and facilitates a select league for cyber competitions.
The FORCE POSTURE PODCAST is a COMMUNITY OUTREACH program to provide ongoing community education and awareness to emerging cyber threats and challenges.
The CYBER DEFENSE SUMMIT is an annual conference and COMMUNITY OUTREACH initiative that brings together the community to advance collective cyber defense efforts and capabilities.
BREACH REPORTS is COMMUNITY OUTREACH news and investigative journalism site dedicated to aggregating breach data, investigating and reporting on breaches, and supporting whistleblowers.
Aside from the initiatives listed below, CYBER DEFENSE CENTER is actively developing new community outreach programs. Here are a few that are planned for 2024 release.
The CYBER DEFENSE CENTER has initiated a new podcast in 2024 to help fulfill our mission of community outreach. The FORCE POSTURE PODCAST will focus on cyber threats, challenges, and policies that are adversely affecting communities, critical infrastructure, and culture. The host of the podcast, the Executive Director of CYBER DEFENSE CENTER, will facilitate introspective and enlightening discussions on topics in this exciting field. Join the CYBER DEFENSE CENTER in this outreach initiative today. FORCE POSTURE PODCAST.
FORCE LABS is the community action arm of the CYBER DEFENSE CENTER and represents a partnership between local universities and the community. Force Labs was initially founded in 2023 to change the velocity of the Center's mission of a COMMUNITY OUTREACH organization that can scale nationwide.
Force Labs is both a place and an idea. The first location is physically located in Castle Rock Colorado. The Lab is designed as a maker and collaboration space to turn community, cyber defense, and passion projects for lab sponsored beneficiaries into reality. This lab actively engages the community in the CYBER DEFENSE CENTER mission.
CYBER DEFENSE CENTER sponsored the drone and robotics hacking village at DEFCON (DRONEWARZ) for several years. This unique program engaged the community in the mission of CYBER DEFENSE CENTER through research into drone and robotics hacking and testing. Although no longer at DEFCON, DRONEWARZ is still a COMMUNITY OUTREACH program of CYBER DEFENSE CENTER and drone and robotics hacking and games reside at FORCE LABS. The Games also engage the research community for additional research sponsorship. DRONEWARZ Research was sponsored by Whitefox Drone Defense, Fat Shark, R00tz, Ettus Research, Drone Pilot Ground School, EC-Council, Set Solutions, and Novetta Research (now part of Accenture).
CYBER DEFENSE CENTER and FORCE LABS has formed a new collegiate competition team and regional collaboration program called FORCE4. This team combines the skills of regional collegiate competitors with active and veteran service members to form a new type of team - a team where a force of one becomes a force of many... This a is a workforce development and COMMUNITY OUTREACH program to engage the ASCEND beneficiaries and community.
CYBER DEFENSE CENTER hosts an annual conference, the CYBER DEFENSE SUMMIT - cyberdefensesummit.org - The CYBER DEFENSE CENTER first hosted the first CYBER DEFENSE SUMMIT in 2012 in Dallas Texas at the Great Wolf Lodge. This event was highly successful, completely free, and brought together over 1000 attendees with minimal planning. This COMMUNITY OUTREACH program focuses on bringing together the right associations and partners in Colorado to engage in discussions and education on cyber defense.
CYBER DEFENSE CENTER is launching a new COMMUNITY OUTREACH program in 2024, breachreports.org - Breach Reports are essential when researching, monitoring, and cataloging threats to communities, critical infrastructure, and the country. This innovation project focuses on creating a new catalog of historical breach reports by aggregating data from several sources with new and innovative criteria for analytics.
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.