THE TECHNOLOGIES LISTED BELOW were developed within the National Security Agency (NSA) and are now available to the public via Open Source Software (OSS). The NSA Technology Transfer Program (TTP) works with agency innovators who wish to use this collaborative model for transferring their technology to the commercial marketplace. OSS invites cooperative development of technology, encouraging broad use and adoption. The public benefits by adopting, enhancing, adapting, or commercializing the software. The government benefits from the open source community’s enhancements to the technology.
A sorted, distributed key/value store that provides robust, scalable data storage and retrieval. It adds cell-based access control and a server-side programming mechanism that can modify key/value pairs at various points in the data management process.
Identifies unexpected and prohibited Certificate Authority certificates on Windows systems.
CONTROL FLOW INTEGRITY RESEARCH
A proposed hardware-based method for stopping known memory corruption exploitation techniques described in the “Hardware Control Flow Integrity for an IT Ecosystem” research paper.
A program that reduces the timespan needed for making a forensic copy of hard drives for forensic analysis.
A web enabled prototype tool that implements the Open Checklist Interactive Language (OCIL) capabilities for creating, managing, and responding to questionnaires.
An indexing and search system for queries on sequences of bytes that offers lightning-fast searches on data of arbitrary formats.
An easy to use and portable Virtual Private Network system built with Linux and a Raspberry Pi 3.
Provides network situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security.
JAVA PATHFINDER MANGO (JPF-MANGO)
A static code analysis tool that uses formal methods for analysis. It is part of NASA Ames Java PathFinder project which is a system used to verify executable Java byte code.
Log-based transactional graph database engine backed by a single file. The primary use case is to support streaming seed set expansion, iterative correlation, and recursive file processing.
A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 IA mitigation strategies.
Assesses the security state of an ARM-based device by examining the system register interface of the processor.
NB Gallery is a publishing, sharing, and collaboration platform for Jupyter-based analytics.
Automates the flow of data between systems. NiFi implements concepts of Flow-Based Programming and solves common data flow problems faced by enterprises.
Radically simplifies the operation of enterprise networks with SDN applications that reside on top of an OpenFlow-capable network controller.
Manages and standardizes existing commercial hard drives.
Verifies system integrity by establishing a baseline measurement of a system’s Trusted Platform Module (TPM) and monitors for changes in that measurement. Originally based on NSA’s Host Integrity at Startup (HIS) software.
A modular suite of “plug and play” services and capabilities, allowing organizations to customize the suite to meet their specific environments.
Couples corporate object storage capabilities with a flexible policy language for customization of access control, retention, and storage of data within the same system.
A software-defined radio (SDR) framework designed to support the development, deployment, and management of real-time software radio applications.
Measures the degree to which specific aspects of the top 10 IA mitigation strategies have been deployed on Windows systems.
SCAP SECURITY GUIDE (SSG)
Delivers security guidance, baselines, and associated validation mechanisms using the Security Content Automation Protocol (SCAP) for hardening Red Hat products.
SECURE HOST BASELINE (SHB)
Group Policy Objects, configuration files, compliance checks, and scripts that support implementing the DoD Secure Host Baseline for Windows 10.
SECURITY-ENHANCED LINUX (SELINUX)
A mandatory access control mechanism in the Linux kernel that checks for allowed operations after standard discretionary access controls are checked. It can enforce rules on files and processes in a Linux system, and on the actions they perform, based on defined policies. SELinux has been part of the Linux kernel since version 2.6.0.
SECURITY ENHANCEMENTS FOR ANDROID (SEANDROID)
Confines privileged processes based on security policies by enforcing mandatory access control over all Android processes. SE for Android has been part of Android since Android 4.3.
SIMON AND SPECK
The Simon and Speck families of lightweight block ciphers.
SYSTEM INTEGRITY MANAGEMENT PLATFORM (SIMP)
Automates system configuration and compliance of Linux operating systems so they conform to industry best practices.
Provides a mechanism for network defenders, security professionals, and decision makers to quantitatively measure the effectiveness of their security posture.
An architecture for processing metadata designed to take in a set of streaming events from multiple sources, process them through a set of modules, and return meaningful outputs.
Retrieves the definitions of Windows Event Log messages embedded in operating system binaries.