The Department of Defense’s Cyber Crime Center has teamed up with Looking Glass on a pilot program that is aimed at outlining a defense company’s security vulnerabilities and providing recommendations on how to address them amid increasing cyber attacks, Nextgov reported Friday.
The Krystal Ball program will provide insight into the cybersecurity posture of a member of the defense industrial collaborative base information sharing environment using publicly available infrastructure data and threat intelligence.
Terry Kalka, deputy director for the department’s DCISE, explained to Nextgov that Krystal Ball would use a company’s open-source online footprint “to figure out if there are any vulnerabilities that are available or exposed.”
The offering, first rolled out in February, was being considered by policy officials as one that would help tack cybersecurity threats such as intellectual property theft and ransomware attacks targeting critical infrastructure.
According to Kalka, the service already discovered high-profile weaknesses on defense industrial base networks, including those related to Microsoft’s Remote Desktop Protocol and Pulse Secure.
Krystal Ball is available for free to companies that have signed up on DC’s threat information-sharing program, around 850 businesses both large and small from all subsectors.
While the demand for the cybersecurity service is expected to rise with the emergence of the Cybersecurity Maturity Modernization program, Kalka expects the DC3 to handle an increased number of clients.
“One of the things we’re working on is creating a software to visualize and assist in the analysis and I believe once that’s in place, we will have the resources we need to analyze the data coming in, no matter how many companies,” the official said.