Like the land domain, cyberspace must be defended. The U.S. Army has begun to deliver innovative and dominant cyberspace capabilities to cyberwarfighters (e.g., cyberprotection teams and regional cybercenters) based on mission and threat through Project Manager Defensive Cyber Operations (PM DCO).
This state-of-the-art report delves into the cybersecurity testing activities for defensive cyberoperations (DCO), which include discovery, vulnerability analysis, continuous monitoring, intel support, mitigation/remediation, event correlation, penetration testing, threat emulation, and malware analysis.
Key U.S. Department of Defense cybersecurity strategy and policies applicable to DCO are identified and defined. Additionally, this report explores the software tools and testing events used to establish the effectiveness and cyber-resiliency of the system under test. Lastly, three use cases detailing how PM DCO conducts cybertest and evaluation are presented.