KoreLogic Rapid Application Development
- Solution Approach:
The Business Issue:
Many organizations lack the resources, either logistically or
empirically, to develop user-friendly applications following a
set of specifically-defined usage guidelines. Moreover, some
organizations possess the experience and staff to undertake
such an endeavor, but cannot execute the finished product in the
accelerated development window offered by the KRAD service.
Often, clients of ours bring a problem to KoreLogic because:
- They have identified a need that
is too specialized to be served by existing off-the-shelf
- They have an initial
solution, but it is insecure or unreliable, and a
better-designed alternative is needed.
- They have identified
a solution but it does not integrate well into their
environment out-of-the-box, so they need help interfacing
it with their existing infrastructure.
- They have attempted to develop
something in-house, but have run into resource constraints.
- They have attempted
a typical software outsourcing, but have received an
inferior, unacceptable solution.
Our team has decades of both software
development and security experience. Our code is developed using an
iterative, prototyping approach resulting in code that is rapidly
developed, reliable, and resilient.
The KRAD service provides tactical
custom application development. We are able to take on a project
with minimal lead time, rapidly develop the solution, hold periodic
customer reviews throughout the process, and deliver the final
product quickly. Periodic collaboration with the customer is the
cornerstone of our process.
The KRAD team has decades of
experience in software development and information security. We have
worked at the highest tiers of the public and private sectors,
successfully navigated DARPA's Cyber-Insider Threat (CINDER) Program
and have generated novel security research resulting in conference
appearances and technical papers. We have extensive experience in
application development and security assessments, password cracking
and strength enforcement, reverse engineering and tamper resistant
solutions, and vulnerability discovery, mitigation and disclosure
Example KRAD Projects:
- Source code repository integrity
monitoring (DARPA - Defense Advanced Research Projects Agency)
- Malware analytic framework (DARPA)
- Forensic digital file carving
(Digital Forensics Research Conference)
- An enterprise search architecture
as part of a data breach response (Fortune 500 company)
- A password cracking grid
incident response, regulatory compliance, and litigation support
- A firewall services inventory tool
to support energy sector regulatory compliance
for more details on these or many other solutions we have created to
address unique information security needs.