Systems/Software Engineering Services provide planning, design, development, testing and maintenance of systems and software. MAG applies CMMI® Level 3 engineering practices with subject matter expertise, PMP® project management skills, and system integration capabilities to provide timely solutions that exceed requirements and meet schedule and budget – all while managing the reality of today’s fast-paced changing requirements and platforms that can impact projects.
We use a proven CMMI-DEV L3 system and software engineering process that is requirements driven and integrates test planning and execution with the analysis, development and integration processes. The analysis process is led by our engineers who ensure requirements and functional analysis are clearly understood by the engineering team, development, testing and quality assurance staff. Our engineers take the lead during the design phase, considering software language(s), architecture, interface(s), complexity, and code baseline changes required. They ensure the team members understand the analysis and design requirements for coding, testing, and the tools used as part of the software engineering environment are well defined. These tools and build systems range from software developed Integrated Development Environments (IDE), Application Lifecycle Management (ALM) systems, simulators, test harnesses, and delivery systems.
What we strive to accomplish is to inject security-based requirements directly into our initial requirements gathering process to help identify what the applicable security reviews, tests, and implementations requirements are for any given release. Not only are we concerned with operational security requirements but also development and test-based security requirements. This provides the most secure path and inherently increases security posture as the lifecycle progresses. We utilize the latest standards of security tools to include IAST, DAST, SAST, and RASP tools to continually evaluate the security of our programs. Where applicable, we also include, DoD specific reviews to include SRGs, STIGs, and MAC-specific accreditations.
Our Software Development Lifecycle (SDLC) is security conscious. We have molded our standard CMMI Level 3 Rated processes to include the best industry cybersecurity practices from the start. We call our modified SDLC our Secure-SDLC (S-SDLC). Typically, for most people, security is an afterthought, something they usually go through in order to obtain/maintain an accreditation. However, if security implementations are left until the end of a lifecycle they become even more cumbersome and expensive to implement and sometimes even less secure due to inability to conform to security requirements so late in the process. That’s why we’ve imbedded security requirements, reviews, and development practices in the beginning phases of our S-SDLC.
As with any process, there is additional overhead. AASKI utilizes automation tools in order to scale processes without the need to also scale headcount. We have experience with tools such as ACAS, HBSS, Nessus, HP Fortify, SCAP, and several others. However, automated tools generate a significant amount of content which can be a scalability issue. AASKI has experience in converting automated tool results into actionable documentation for use in accreditation packages with tools such as the Vulnerator. We also employ cybersecurity experts to help members of the team weave the maze of obscure security definitions to properly asses open issues and effectively remediate findings to ensure successful accreditations.
Why Choose MAG
Our highly trained and certified engineering team provides cutting edge expertise and unsurpassed experience planning, designing, developing, testing and maintaining systems and software for our DoD, Federal, and private sector customers.
MAG is driven and guided by our core values of Serve. Win. Perform.™
MAG utilizes automated scan tools against the network, operating systems and compatible applications, conducting additional manual assessments as necessary, using approved DoD and Army solutions
TASKING The key to successful ISR activities is an ISR plan that is developed based on well reasoned analysis, driven by your requirements, focused on your directed tasks, and tied to your anticipated decisions or intended actions.
OPERATIONS We are fundamentally about ensuring the right sensors are positioned at the right place at the right time to provide the right feedback about activities within your area of operations.
PROCESSING We work to shorten the collection cycle on board the aircraft and with mission analysts on the ground. This enables us to improve performance and dictate favorable outcomes for you.
EXPLOITATION High resolution imagery is only the beginning. Instead of focusing entirely on advanced sensors and integrating new phenomenology, which can actually impede dynamic operations, we look at how we treat information once we have it.
DISSEMINATION We analyze collected information and present products, conclusions, or projections regarding the operational environment in a format the enables you to achieve situational understanding.
MAG ensures that our customer’s information systems maintain a post-deployed security posture in compliance with requirements of the Federal Information Security Management Act (FISMA)
Providing transformational technology solutions and services to small, medium, and large customers for over 15 years
Security scan results are delivered via a Security Assessment Report (similar artifact per customer requirements), identifying and summarizing potential vulnerabilities, threats, risks and mitigation strategies for customer review. We confer with the customer and implement mitigation or remediation measures at the customer’s direction.
MAG IA staff possesses the DoD 8570.01-M mandated Information Systems security certifications (IAT/IAM level II and III) required for supporting DoD IA programs and projects, to include certifications for CISSP, CISM, CEH and Security +.
MAG learns and understands its customers’ mission first, then develops solutions
STATE OF THE ART
MAG’s research, test, and development expertise provides visibility of new cybersecurity technology
MAG has developed standardized actions and procedures to support time critical reporting and activities without delay
MAG has lawfully exported defense articles and services in compliance with US export statutes and regulations
MAG’s highest priority is keeping our people and partners safe—a priority enshrined in our systems, procedures, and culture
MAG’s collaborative approach and strong partner relationships allow us to respond quickly to changing environments and needs
MAG’s service is responsive and on-demand — performed efficiently with the flexibility to scale up if needed
MAG does what we say — as evidenced by our 95%+ mission achievement rate
MAG TECHNICAL SERVICES
MAG provides planning, design, development, testing and maintenance of systems and software.
Central/South America PROBLEM: US Government required contractor support for operations, maintenance, and analysis of a multi-sensor aircraft installed with a Foliage Penetrating (FOPEN) Light Detection…...
Southwest Asia PROBLEM: The U.S. Army required contractor support to provide sensor operator training, operations, support, and sustainment on aerial surveillance sensor systems worldwide, including…...