DHS buys information assurance

Northrop Grumman and Q1 Labs, a network security company, have won a contract from the Homeland Security Department for a system that performs surveillance, analysis and mitigation of cyberattacks and other security violations. The cyberprotection system will use Q1 Labs' QRadar software.

Brendan Hannigan, Q1 Labs' executive vice president of marketing and product engineering, could not discuss that specific contract, but he said QRadar, which stands for Real-time Anomaly Detection and Resolution, collects cybersecurity information across an organization and feeds it into a centralized analytics engine.

The software identifies normal behaviors and detects deviations from them, Hannigan said. "It could be a very insidious low and slow scan coming from the other side," he said. "It could be a machine internally that has been infected with a worm. It could be a rogue server that has been set up in a portion of the network where it is a violation of policy."

To mitigate such threats, the system sends network and security administrators recommendations for countermeasures such as quarantining a PC within a particular subnetwork to keep a virus from spreading or shutting down an application that violates the organization's security policy.

The software is capable of blocking specific switches in a network infrastructure or stopping particular users from accessing the network, Hannigan said.

Northrop Grumman has a partnership agreement with Q1 Labs to resell the QRadar software.

A DHS spokesman did not have information about the contract and could not comment.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected