Gunnison provides support for NGA’s Security Assessment & Authorization process to enable timely, relevant, and accurate Geospatial Intelligence (GEOINT) in support of national security missions. Gunnison evaluates, tests and examines security controls in accordance with NIST standards and applicable scan data to identify security weaknesses, and to negotiate remediation and/or mitigation strategies. Gunnison assists NGA in developing defensible risk recommendations to support authorization decisions regarding information systems that limit risk to NGA information, assets, and individuals.
Gunnison delivers penetration testing services to NGA to assess the security of the NGA enterprises systems and assets. The team conducts penetration tests in accordance with NIST SP 800-53 Security Assessments and Penetration Testing security control requirements to Blue Team engagements. The objective of the team’s penetration tests and assessments is to identify vulnerabilities and security gaps in support of SA&A, system operations, and Computer Network Defense (CND) activities. The penetration test team simulates adversarial and insider threat activities by researching, detecting, analyzing, and exploiting network vulnerabilities throughout NGA network systems. In addition, the team performs strategic scoping, planning, and execution of network assessments and incident response actions, with the intent of improving readiness and defensive capabilities on NGA’s networks.