The Problem This Solution Solves
DoD cyber hunt operations are often conducted on unfamiliar networks. In order to find, analyze, and reveal malicious cyber actors’ activities, capabilities, and infrastructure, there is a need to rapidly identify and map unfamiliar network configurations, and accomplish this efficiently using solutions that allow for the ingestion of Layer 2 and Layer 3 network device configuration files, PCAP files, and flow logs.
The Solution
Cyberspatial's Teleseer software has the capability to rapidly identify and map network devices. Its software creates network maps from configuration files only, PCAP only, and an enhanced view when both data sources are present. The tool is able to deal with stenographer files and streaming PCAP. The capability was tested by DoD cyber operations personnel on representative and real mission data. Cyberspatial also delivers user training through an online portal, providing ease of onboarding new users into the capability.