Cybersecurity Offerings

Raytheon offers a comprehensive suite of managed security services, security testing and assessment services coupled with -leading expertise and a unique perspective on the cybersecurity landscape.

Benefits Raytheon provides proac- Managed (24/7) — Highly auto- continuity with a client’s own tive threat hunting, security mated Managed Security Service existing “business day” security g U.S.-based, 24/7/365 SOCs in engineering, assessment and (MSS)/Managed Detection and operations center staffing. Florida and Virginia and more customized security training. Response (MDR) service with than 125 dedicated employees Focused — This level provides Raytheon has extensive experi- our patented automated threat the same services as Managed, g Comprehensive portfolio ence proactively identifying detection and analytics technol- with the added benefit of a fixed of F50, F100 and F500 and trends in adversary capabilities, ogy allowing analysts time for number of hours per month federal customers including as well as unique relationships advanced analysis and hunting building and managing for analyst “hunting” for mali- with partners who have visibility for malicious activity on client multiple SOCs cious activity on in-scope client into adversary planning/staging networks. Commercially focused networks. g Highly skilled and certified infrastructure and activities. The service, currently offered to staff, recognized cybersecurity Raytheon team of highly creden- clients based in North Ameri- Digital Forensics and thought leaders tialed and experienced engineers can and the United Kingdom. Incident Response (DFIR) g Industry expertise focused on creates in-demand security pro- Engagement scope includes Raytheon provides full life-cycle critical infrastructure, financial grams, end-to-end architectures traditional monitoring, active DFIR services including initial services, government, health and security operations centers hunting, automated detection development of IR plans, testing care, technology and energy focusing primarily on global of indicators of compromise of IR plans and procedures with sectors financial, critical infrastructure, (IOCs) and NSM/SIEM manage- simulated exercises, responding healthcare organizations and ment. Service coverage 24/7, 365 to incidents, intrusion hunting federal agencies. days a year (Blue Team) and providing expert witness testimony. Our Virtual Security Operations Monitored (24/7) — This level customizable options for 24/7 Center (V-SOC) provides the same services as DFIR coverage and expertise Managed, with the added benefit Raytheon takes a proactive, provide you with both remote of an engagement scope that intelligence-driven and custom- and onsite full incident response, includes traditional monitoring, ized approach to defend our containment and remediation active hunting and automated customers against the most in- support services. Our DFIR detection of IOCs. Service cover- tricately conceived threats. This services are offered as part of our age 24/7, 365 days a year or off flagship offering is available in V-SOC offering so regardless if hours/holiday coverage and three different levels of service. you want DFIR by itself or with Cybersecurity Assessments

our managed service, we provide a comprehensive DFIR practice to 4. Red Team: Our Red Team offering seeks to advance the client’s our customers with seasoned/certified professionals. security monitoring and defenses to the limit by emulating an actual attack by a sophisticated intelligence or criminal orga- Security Tool Implementation Engineering nization. The testing will provide clients with an actionable set Because Raytheon is a vendor-neutral organization, customers have of recommendations regarding all aspects of the operational the opportunity to choose their vendor for security tool-specific security surrounding their network and a narrative of how our implementation engineering, architecture, configuration, tuning consultants planned and gained access to the client’s network. and administration services. Subject Matter Expert Support Cybersecurity Assessments Raytheon provides staff augmentation support for multiple tech- Raytheon specializes in identifying and thoroughly testing potential nologies, and CND tools. Subject matter experts provide support points of entry from an adversary’s perspective. With proven for key security technologies, tools and platforms and support experience assisting organizations meet their security objectives, includes options for both project-based engagements (under we work to identify threats and vulnerabilities that pose the six months in duration) and staff augmentation (more than six greatest risk to your organization. We also understand the policies months). and regulations that drive the need for security at e-commerce, healthcare, financial services and government agencies. Dedicated Cyber Security Operations Center (CSOC) Design/Build is the delivery of integrated CSOC systems and processes using 1. Risk Assessments: The Raytheon team conducts a high-level the Raytheon Common SOC technology stack. Raytheon’s full review of programs and infrastructure to ensure that particular life-cycle support for customer organization CSOC requirements areas of concern are identified, prioritized and reviewed with includes Design/Build/Operate/Sustain and Design/Build/Deliver the aim of providing actionable recommendations that can be models. implemented as both “quick wins” and as longer-term roadmap improvements. Specific assessment areas include: Cybersecurity Product Resale At Raytheon, we understand that • Cloud security architecture and risk assessment knowing the right people and finding experts you can trust are crucial to tailoring a security solution that can help your organiza- • policy review tion thrive. Many organizations use a mix of security solutions and • Security architecture review services from multiple vendors that do not interact with each other. 2. Penetration Testing: Any compromise in an organization’s In today’s fast-evolving threat landscape, this not only increases op- public presence may cause serious brand damage and harm to erational costs, it can even increase risk. Protection efforts now re- the organization’s image, as well as exposing low barrier point(s) quire open, collaborative approaches to detecting threats, reducing of entry to stage these attacks. In addition, because of the large risk, and ensuring compliance. Raytheon has developed a strong number of attackers utilizing client-side exploits to gain access network of industry partners that we trust. We’ve hand-picked directly to the internal network, it is best to emulate the full spec- this group of partners for their commitment to our clients and for trum of threats arrayed against a client’s network to ensure that their technology leadership. Our partners help us solve the difficult it is well positioned to defend against realistic threats. Raytheon’s challenges that most vendors can’t. These partnerships are based penetration testing and vulnerability assessment services include: on real work and real results, driven by client needs, not marketing • Internal penetration testing or sales. We create a shared connection on an engineering, support • External penetration testing and product level like never before for the sole benefit of our joint • Wireless assessment customers. Our solutions include products from partners such as • Social engineering assessments Forcepoint™, RSA and Splunk®. 3. Web Application Assessment: The testing focuses on gaining unauthorized access to the web application, its high value data and its underlying infrastructure using a combination of ap- plication attacks and network- or host-level exploits. The intent For further information contact of this approach is to provide the client with a complete under- [email protected] standing of the security posture of its web applications from a Raytheon Intelligence, malicious adversary’s perspective. Information and Services 2214 Rock Hill Road Suite 150 Herndon, Virginia 20170 USA +1 703-467-3801

www.raytheoncyber.com/managed- services

Copyright © 2017, Raytheon Company. All rights reserved. Printed in the U.S.A. Cleared for public release. IIS2016-064. Advanced Media East 06/17 4440732/4436106 This document does not contain technology or technical data controlled under either the U.S. International Traffic in Arms Regulations or the U.S. Export Administration Regulations.