Our consultants provide
leading edge solutions to
secure the most complex
environments.
White Papers
Learn more about our technical contributions.
 
Customer Profiles
Read about specific Tresys solutions - from planning and creating secure IT software to advising clients how to accredit their products.
 
 
 
Tresys was founded by engineers and analysts having extensive experience with IT security challenges and solutions throughout industry and government. The Tresys staff has a rare combination of both breadth and depth of knowledge of all aspects of IT security. We use proven engineering methodologies to IT security, analyzing all aspects of systems security to assure coverage of protection throughout your IT system.

For more information about Tresys security engineering and consulting services, please contact us.

Applied Security
From analyzing your current IT infrastructure for security vulnerabilities to in-depth knowledge of available security technology, Tresys has the experienced staff that help our customers engineer secure networks and IT solutions. Areas of expertise include the following:

Cross Domain Solutions
Building computer systems that allow the controlled transfer of data between security domains, commonly called cross domain solutions (CDS) or guards, presents many common and some unique security challenges. Tresys provides unique expertise to customers needing CDS consulting - from advanced technology research and consulting expertise. Read about some of our experiences in white paper: Lessons Learned Developing Cross-Domain Solutions on SELinux.

Enterprise Security
Security for the enterprise requires vigilance at the desktop and throughout the network. Tresys takes an engineering approach to identifying and mitigating security risks at all levels of the enterprise. Thorough architectural analysis and technology awareness combined with Tresys' trusted advisor role provides any organization with the confidence that their enterprise has the appropriate security posture. In addition to evaluating and advising organizations on enterprise security, Tresys has extensive experience implementing enterprise solutions, including Public Key Infrastructure (PKI) and Cryptographic Modernization.

Secure Linux
Tresys is an innovation leader for Security Enhanced Linux (SELinux), producing many related open source technologies and products. We have unmatched experience in moving current and planned applications to SELinux for improved security. Our services include the following

SELinux Development & Engineering: Applying our innovative SELinux technologies, Tresys develops and consults with system integrators and OEMs on the development of SELinux-based solutions. From designing, advising, developing and deploying, our staff has unparalleled expertise in leveraging the power of SELinux.

SELinux Training: Tresys offers SELinux training using in two versions: a 1-day introductory course on developing SELinux security policy modules for your applications and a 3-day in-depth overview of all aspects of an SELinux policy and development.

Systems Assurance
Based on our extensive experience with government and commercial security and operationally critical systems, Tresys has developed a comprehensive evidence-driven System Assurance business that covers all variables affecting the achievement of business objectives throughout the system lifecycle. We work with our clients to understand or decide the extent and type of assurance required and provides technical and program support to execute the required assurance activities.  Efforts can include assessment of the problem domain, determination of assurance requirements, development of an assurance plan (i.e., strategic and tactical), and implementation / management of assurance activities. Specific areas of focus include the following:

Common Criteria and Security Certification
Security evaluations and certifications are an important component of today’s security technology market. Tresys has extensive experience, both with the Common Criteria standards and evaluations, as well as government and industry security certification and testing processes.

Compliance Programs
Tresys works with our clients to define, design, build, implement and manage compliance audit and security processes solutions across IT enterprise infrastructures. Our approach is to define the regulatory requirements of the environment and build efficient, automated and effective solutions that integrate regulatory compliant policy definition, event monitoring, alerting, security assessment and compliance reporting. Our customers benefit from reduced costs, improved audit integrity and lower risk.

Certification and Accreditation Support
Tresys has participated in the evolution of the Department of Defense certification and accreditation (C&A) process, providing technical support to evaluators and methodology training to Certification Test and Evaluation (CT&E) labs. As part of the Certifiable Linux Integration Platform (CLIP) project, Tresys has developed certification artifacts and mappings of operating system capabilities to relevant security requirements documents.

 
 
    Home                Technology          Services            Products        SELinux         About Us