U.S. Cyber Command, as part of a new public-private partnership with and run by the Maryland Innovation and Security Institute, recently concluded an insider-threat detection competition at the DreamPort facility.
DreamPort, established in late 2018, is described as a state-of-the-art facility where companies can bring in their capabilities to be worked on in a risk-free environment to help identify solutions.
The most recent competition, called the Wolf in Sheep’s Clothing, ran during January and February. The competition, termed a rapid prototyping event, involved participants designing, implementing or enhancing what are called user activity monitoring solutions to detect live and recent insider-threat attacks, as well as unauthorized activity.
DreamPort said it acknowledges that there are a multitude of these types of insider-threat solutions currently available; however, it is explicitly interested in solutions that offer predictive monitoring features and not policy-based monitoring features.
For the event, DreamPort set up an environment of Windows and Linux machines using human actors to interact with the environment in real-time. Participants installed their solutions on the network and attempted to detect the bad actors as quickly as possible. Solutions that detected all the unauthorized actors or actions were deemed a winner.
In a Feb. 25 release, Jazz Networks announced it had placed first in the rapid prototyping event.
“With only five people on site, we were up against much larger teams from some of the best companies in the space, like Booz Allen Hamilton, IBM, Crowdstrike, Splunk, and LogicHub,” said Fredrik Halvorsen, Jazz Networks chairman. “Small teams can have huge impact with the right technology. We may be new, but I think this helps prove that there will be Jazz!"
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.