recommended reading

These Homeland Security Cyber Tools Are Now Available for Private Sector

Den Rise/

When an organization’s IT staff members are alerted about a possible cyber intrusion, they jump into detective mode, poring over reams of data to figure out what changed in the minutes, days and weeks before the alarm bell sounded.

But the data these detectives have to work with is often confusing or incomplete.

Akatosh, a tool developed by researchers at Oak Ridge National Laboratory in Tennessee, aims to fix that problem by taking regular “snapshots” of the state of every computer in an organization’s network.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

When the alarm bell sounds, the system automatically compares the post-incident snapshot with previous snapshots and tells the IT professionals precisely what changed, helping them to determine if the incident is a real concern and the best way to fix or mitigate it.

Akatosh is one of eight technologies developed by government labs or research partners the Homeland Security Department’s technology transfer office showcased Tuesday to companies that might want to run pilot programs with the tools or commercialize them.

DHS’ Transition to Practice office has helped dozens of technologies developed by national labs and universities reach commercial viability since the office launched in 2012. That includes eight tools fully offered or licensed by private companies, 15 tools being piloted within government or the private sector and five being offered as open source code, Program Manager Nadia Carlsten said during Tuesday’s demo.

The program’s goal is to give a boost to cybersecurity products that address existing or future gaps in protection but which the free market is unlikely to fund on its own, Carlsten said.

The office demonstrated eight of those tools at the RSA cybersecurity conference in February and plans to take three of them to the Black Hat hacker conference this summer.

Another product demoed Tuesday was APE, an Android application developed with federal funding by the nonprofit MITRE Corp., which scans all incoming traffic to the phone and blocks anything known to be malicious. Because the service is app-based, it can update much faster in response to new threats than security updates to the Android operating system itself.

The tool also disables unneeded phone functions to limit vulnerabilities, MITRE engineer Mark Mitchell said.

The Policy Enforcement and Access Control for Endpoints, or PEACE, tool, developed with federal help at the Worchester Polytechnic Institute, is a central controller that requires permission from any computer in a network before it shares anything with another computer.

The controller scans those requests to assess the likelihood they’re coming from a real human rather than a computer bug. It also applies rules set by the company such as not sharing links to services likely to allow malware in, said Craig Shue, a Worcester Polytechnic professor.

Because PEACE collects information about how scrupulous or careless an organization’s employees are, it also allows system administrators to set different rules for different employees, Shue said, loosening the reins on conscientious ones and tightening them on security risks.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.