Maintaining your company’s reputation and your customers’ privacy is critical to the success of your business.
Cybersecurity is one of the most challenging aspects of any company’s IT program because of the constant reminders about the threat of being hacked.
If you want to be viewed as a responsible company that is safe to do business with, it’s critical you develop a solution that is not only responsive to active attacks but proactive to potential attacks.
Custom Designed Cybersecurity Solutions
What You Need
Delivering Holistic Cybersecurity Solutions
Cybersecurity is a constant and ever-changing threat that can cause significant disruptions to your business and reputation. To ensure you’re taking the necessary precautions to keep your business and customers safe requires the support of an expert.
Independent Verification & Validation Experts
Sedulous maintains a staff of Independent Verification & Validation (IV&V) experts who perform comprehensive reviews, analysis, and testing, (software and/or hardware) to confirm (e.g., verify) that the security requirements for a system are correctly defined, and to check (e.g., validate) that the system correctly implements the required functionality to support the security requirements.
Marine Corps Cybersecurity Validators (MCCV) and Navy Qualified Validators (NQV) serve as trusted agents of the Department of the Navy (DON) and United States Marine Corps (USMC) Security Control Assessors (SCA) who works with Information System Owners (ISO), Information System Security Managers (ISSM), Information System Security Officers (ISSO), Project Managers (PM) and user representatives in support of DON/USMC Risk Management Framework (RMF) implementation. The MCCV/NQV is responsible for providing the SCA and the Authoring Official (AO) with an accurate technical evaluation of the application, system, or network by documenting the security posture, protection capabilities and vulnerabilities against relevant cybersecurity controls, then a drafting a statement of preliminary or residual security risks for system operation.
The responsibilities assigned to a MCCV/NQV by the AO include providing IV&V of DON/USMC system’s security controls and safeguards designed through the security engineering (SE) process. Validation of applicable cybersecurity controls for an assigned DON/USMC system, including developing the appropriate test procedures if necessary, executing the test procedures and accurately documenting the results of security testing. The responsibilities also include performing the requisite preparatory steps and conditions, performing the actual validation steps, comparing the actual results with the expected results, and analyzing the differences for impact and risk. The MCCV/NQV develops the RMF Security Assessment Report (SAR) for the assigned system(s) and facilitates the coordination with the ISO, ISSM, ISSO, PM, User Representative, SCA Representative (SCAR), and AO for collective agreement of the documentation.