Our Mission, Defined
Why do we do what we do at Aries Security?
Why focus on building a world-class cyber range, rather than red-teaming, or penetration testing, or selling cybersecurity insurance?
Because the need is there.
From a draft letter from A.M. Kurta, performing the duties of the Under Secretary of Defense for Personnel and Readiness, to the Honorable Thad Cochran, Chairman of the United States Senate Committee on Appropriations:
Dear Mr. Chairman,
Congressional Report 114-263, Senate Appropriations Committee, Defense Subcommittee directed “the Director of Force Readiness and Training to develop, as part of the cyber training curriculum, a competitive hacking environment that includes the ability for participants to build novel working exploits and defend against them.” Additionally, the report requested information on the “training environment and steps that will be taken to measure the participant capabilities.”
The Department of Defense (DoD) sees the benefit of hacker style contests as both a teaching tool and as a motivator. Over the past two years, the DoD embraced various approaches to bring hacker contests into the DoD. For example, the DoD sponsored crowdsourcing events, “Hack Pentagon” and “Hack the Army”, allowing individuals and small teams with a variety of backgrounds the opportunity to participate in cybersecurity challenges. Industry events (e.g., DEF CON, ShmooCon, BSides, and SANS NetWars) are utilized by the DoD for training and professional development. Although very useful, industry events are problematic (i.e. operations security, funding) for participation by DoD cyber professionals.
In order to gain the benefits of non-traditional training approaches, the DoD is adapting commercial-off-the-shelf capabilities, allowing military members access to hacking style competitions. The DoD partnered with vendors who conduct Capture The Packet and Capture The Flag events at DEF CON to deliver an unclassified training capability for the DoD. These capabilities support exercising foundational skills applicable to DoD cyberspace operations. This training focuses on challenge-driven discovery and does not expose sensitive Tactics, Techniques, and procedures.
Once these capabilities have matured, the Office of the Under Secretary of Defense for Personnel and Readiness, in coordination with U.S. Cyber Command, the Services, the National Security Agency and other DoD Components, will validate the hacker challenges and utilize the environment to measure individual Cyber Mission Force participant capabilities.
This is why we are dedicated to providing a world-class cyber range and skills assessment suite. The need is there, and we don’t back down from a challenge. We find a way to beat it. In the case of Capture The Packet, that means providing up-to-date challenge content, developing custom training per need, and working closely with government professionals to ensure that when the rubber hits the road, they are prepared to defend our nation in cyberspace.