Building an AI database solution for the United States

A Cybersecurity Semantic Search Engine

machine learning
US Air Force, HAF/CX, & CROWS
2019-2020
Government

Synopsis

KPI:
Developing a custom search platform for U.S. cybersecurity professionals.
Project length:
2019-2020

At a Glance

To better serve cybersecurity professionals in the United States government, Data Society built APOLLO, a search engine that empowers cybersecurity professionals to quickly identify risk remediation techniques at strategic and tactical levels, in a prioritized format, to protect and serve our nation.

Client Profile

Bio:
The Air Force Cyber Resiliency Office for Weapons Systems (CROWS) was established by a provision in a 2016 law charging the Department of Defense to identify and mitigate cybersecurity vulnerabilities of weapon systems.
Industry:
GOVERNMENT
Headquarters:
ARLINGTON, VA
Contract Awarded:
$750,000
Founded:
1963

The Challenge

For cybersecurity professionals in the United States government, identifying and mitigating cyber threats are critical aspects of their role. While seasoned professionals readily identify risk remediation techniques, many seeking strategic approaches to threats or tactics to mitigate risk lacked the means to do so at scale.

Even as specific techniques were identified, tactical implementation approaches were not immediately accessible, and plotting a complex workflow of next steps slowed action to remove threats. Barriers included searching for products that could help determine if vendors had the experience and capacity to effectively solve cybersecurity threats before going through procurement. 

The U.S. government required one central, dynamic, and always current platform where cybersecurity professionals could find tactical approaches to mitigate risks and search for qualified vendors that solved similar challenges for the government.

A Tailored Solution

The Solution

Data Society developed a platform that provides mission-relevant product recommendations by aggregating data from many sources, extracting meaning via natural language processing (NLP), and applying artificial intelligence (AI) tools to power searches.

The work began with extensive user interviews, from which several priority features emerged:

  • “As a cyber analyst, I need to be able to summarize risk remediation techniques based on multiple playbooks and to rank these solutions in order from most effective to my project to least.”
  • “As a cyber analyst, I need to understand the best possible solutions presented within multiple playbooks and be able to compare my options. I want to see information at a strategic level and be able to drill down to a tactical level.”
  • “As a cyber user, I need to understand and evaluate vendors that might provide parts of the remediation technique.”

To meet this need, Data Society designed a user interface that could quickly and accurately identify the threat and vector, show multiple remediation strategies, prioritize potential solutions, identify and rank vendors, and provide key workflows and next actions in easy-to-understand and intuitive views.

Software design included identifying appropriate data from academic, digital media, government, and commercial sources to provide a complete picture of technology trends, vetted solution providers, and contractors with relevant government and commercial experience related to cybersecurity challenges.

Our ETL process covered data collection, extraction, transformation, and loading into a database, along with building the architecture of a database that could be hosted on the government’s Cloud One platform. Data Society then developed a recommendation algorithm to serve up records relevant to the searches users enter into the front-end search bar.

The Results

Data Society successfully built the APOLLO platform specifically designed to help government agencies identify cybersecurity risk mitigation solutions and vendors, though it is flexible enough to evolve to accommodate various future use cases for the U.S. government.

With this tool, cybersecurity professionals can easily search for different attacks, see detailed and clear playbooks on remediation techniques based on how threats were managed across the government in different scenarios, and receive a clear workflow for addressing them. For each threat, they’re able to see products from vendors that have worked with agencies previously and even use a product comparison tool so they can easily assess the best product to procure.