IT Solutions & Strategy Services

A team of passionate thinkers working side-by-side with our
clients and partners to deliver high-quality technology solutions.

Cyber, Information, Privacy Security Design and Operations

EZRA designs, tailors, and deploys/employs full-stack information, cyber, and data privacy protection facilitating comprehensive security operations, incident response, and information assurance. Ezra’s network design, patch management, incident management (CIRT), and security accreditation methodologies provide objectively measurable compliance/control, multi-sensor monitoring, management and correlation of critical system events, and the ability to profile operational traffic patterns. The EZRA methodology significantly and measurably reduces operational risk.

Information Assurance

EZRA leverages tools such as Xacta, NCAD, and eMass to facilitate attainment and sustainment of its clients’ portfolio of system accreditations for their mission-critical programs/projects. For example, for a DOD client, EZRA consolidated the management of all explicit and inferred NIST 800-53/CCRI configuration management controls into a single common control “package” that received an ATO for organization-wide use. EZRA information assurance SMEs leveraged the configuration management common control set and a more tailored/disciplined approach to coordinate the remediation of hundreds of “findings” through inheritance and artifact harvesting/validation leading to a rating of an organization as “compliant” for all configuration management control.

EZRA ensures that the Agency’s information systems comply with mandated security guidelines and that policies are certified and accredited prior to operation. EZRA Technologies engineers play an integral role in supporting continuous C&A efforts as well as streamlining the system life-cycle. EZRA Tech engineer’s roles, within the C&A process, are integrated into the Development, Post Accreditation, and Maintenance Phases.

Configuration/Change Management

EZRA has a proprietary methodology for Designing, Engineering, Deploying and Maintaining a NIST SP 800-53/800-128/800-137 compliant Configuration and Change Management program for its clients. Beyond configuration item (CI) inventories and change board, EZRA works with each organization’s technology service provider to optimize their business processes, their milestone deliverables, decision registries, and their portfolio of configuration/change board resulting in a governance, risk, and compliance (GRC) program capability that is comprehensive and audit-ready.

For example, EZRA implemented a full-bodied Configuration/Change Management program for one of its DOD clients that ultimately led to a significant decrease in its help desk calls and overall platform downtime. Additionally, EZRA leveraged multiple existing infrastructure/cyber sensor platforms (e.g., Splunk, Tanium, SCCM, HBSS) deployed in the client’s computing eco-system to create and exploit CMDB capabilities for this 35,000 seat enterprise. The resulting toolset created by EZRA engineers provided the ability to see and analyze configuration baselines for thousands of level-2 and level-3 devices in real-time.

Data Mining

EZRA enables better client decision making by utilizing tools such as Splunk, Tableau, eMass, ACAS, HBSS, Tanium, SCCM and RedSeal to intelligently gather and analyze critical security and business related enterprise data. For one DoD client, EZRA data SMEs conducted a 100% inventory of the quality and reliability of all data sources (e.g., index, source, source-types) recorded in the organizations Splunk implementation as part of the analysis leading to the development of a virtual CMDB. The result of the analysis led to the creation of data-fused dashboards or correlated events and performance metrics providing EZRA engineers with the ability to profile virtually all of the events, applications, services, processes, and the execution of every command by any targeted device in minutes.

Capital Planning and Investment Control (CPIC)

EZRA Technologies has strong expertise and experience with the Government CPIC process. EZRA’s disciplined approach to managing the various phases of the Information Systems cyclical budgetary process allows its clients to optimize the funding set aside for IT and business challenges.

Network Security Design and Engineering

Network Security Design services are for clients and organizations that are designing, upgrading, moving or re-designing their networks and internet access points and want to incorporate layered security mechanisms and controls into the network.

Certification and Accreditation

The certification and accreditation (C&A) process ensure that the Agency’s information systems comply with mandated security and that policies are certified and accredited prior to operation. EZRA Technologies engineers play an integral role in supporting continuous C&A efforts as well as streamlining the system lifecycle. EZRA Tech engineer’s roles, within C&A activities, are integrated into the following phases: Development, Post Accreditation, and Maintenance.