Professional Engineering Services

Best-of-Breed Anti -Tamper Solutions

Arxan Defense Systems provides professional engineering services to government agencies and contractors to analyze and develop best-of-breed anti -tamper solutions across hardware and software platforms. Through ADS Professional Services, government clients and contractors will receive our end-to-end support to create comprehensive solutions that includes the development of anti-tamper plans, vulnerability assessments, technical training and product-specific protection schemes.

The ADS Professional Services team is comprised of experienced, security-cleared engineers, with specific expertise in the Anti-Tamper (AT) market, including an in-depth knowledge of third party products. We deliver project-specific requirements that incorporate concept definition, product deployment and field support.

	Red Teaming Red Teaming analysis is a blind security assessment performed by a skilled team of ethical hackers. A Red Team uses the same tactics that would be employed by malicious hackers to breach information systems. ADS’s “black box” approach assumes that the attacker has no prior knowledge of the system and all exploitable system faults that are discovered during this process will be reported back to the organization for patching. Red Teaming can both complement and inform intelligence collection and analysis. Our objective is to reduce an organization’s risk and increase opportunities. ADS’s experts will conduct a comprehensive evaluation of protection schemes and can provide risk mitigation recommendations to ensure critical program information (CPI) is properly protected. Deliverable: A detailed report that includes a vulnerability assessment which outlines threats, vulnerabilities and attack scenarios. The report will also include methodology, key performance parameters and risk mitigation tools and techniques that address all threat vectors.

	Blue Teaming A Blue Teaming security analysis is similar to Red Teaming, however, Blue Teams work hand-in-hand with the targeted system’s engineers to do a vulnerability assessment. As such, the Blue Team has access to resources and information that are unavailable to a Red Team (or what an attacker would see in the field) and results can usually be achieved faster and cheaper than Red Teaming. The collaborative approach of a Blue Team risk assessment using ADS professional expertise, partnered with customer knowledge and resources, benefits the customer by conducting an in-depth risk analysis and identifying vulnerabilities that can be exploited in an application. A Blue Team analysis includes a design-and architecture-documentation review, along with source code analysis. For the most complete security analysis, a Blue Teaming effort can be supplemented in parallel or prior to Red Teaming. Deliverables: A detailed report that includes a vulnerability assessment which outlines i. threats, vulnerabilities and attack scenarios. The report will also include methodology, key performance parameters and risk mitigation tools and techniques that address all threat vectors. An Attack Package containing all attack tools developed by the blue/red team, ii. with references to all open source or commercial attack tools used by the blue/red team and all versions of customer-exploited software.

	Government Liaison for Anti-Tamper (AT) Plan Development Complete AT plan creation, as required by the DoD directives 5000.2 and 5200.39 and aligned with the DoD acquisition process. Deliverables: Initial AT Plan – Program Initiation. ADS professionals will provide the following: Identify CPI/Critical Technology Identify threats Conduct vulnerability assessment Attack tree creation Assess impact of exploitation Develop exploitation prevention timeline Final AT Plan – Prior to Production and Deployment. ADS professionals will: Identify optimal AT technologies Select potential solutions Conduct a decision analysis related to each AT Solution Recommend an optimal final AT solution Verification and Validation Support Verification Plan – Post Development. ADS professionals will work iteratively with DoD primes to complete the verification and validation process, to organize CPI and finalize AT techniques.


	Training ADS Professional Services provides training courses in the following areas: Deliverables: Informational Overview: Why AT? An overview for government manager Product Training: EnforcIT® – Expert tool for automated protection of applications Customized Training: Customized content for specific requirements defined by program managers for on time, on budget deliver

	Custom Solutions We work with program managers and development teams to design a customized protection that best leverages the characteristics of products, platforms and available hardware anti-tamper measures to build a robust protection network. Deliverables: Design custom guards™ - guard development according to application-specific needs Recommend best-of-breed solutions [hardware/software] FPGA Anti-Tamper IP System On Chip (SOC) and Application-Specific Integrated Circuit (ASIC) support services Advanced Anti-Tamper research and development Turnkey Protections – ADS protection engineers implement a custom protection plan for your application or system

	Design a Product Protection Plan: EnforcIT ADS’s software protection arsenal, EnforcIT, intertwines physical and software layers to create a best-of-breed protection in the overall product package. Deliverables: Turn key services for end-to-end application protection Customized layered approach to create a solution that includes both software and hardware components Complete plan development for creating a unique protection scheme Advise on advanced protection-integration tools and technologies

	Home Products EnforcIT®-S EnforcIT®- H TransformIT™ ADS Professional Services Solutions About ADS Company Overview Press Releases Events Management Team Contact Us Careers Contact Support