USA flag logo/image

An Official Website of the United States Government

Structured Application Protection Process (SAPP)

Award Information

Agency:
Department of Defense
Branch:
Missile Defense Agency
Award ID:
91608
Program Year/Program:
2010 / SBIR
Agency Tracking Number:
B083-042-0305
Solicitation Year:
N/A
Solicitation Topic Code:
MDA 08-042
Solicitation Number:
N/A
Small Business Information
Sentar, Inc.
315 Wynn Drive Suite 1 Huntsville, AL 35805
View profile »
Woman-Owned: Yes
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2010
Title: Structured Application Protection Process (SAPP)
Agency / Branch: DOD / MDA
Contract: HQ0006-10-C-7275
Award Amount: $998,602.00
 

Abstract:

The Structured Application Protection Process (SAPP) system concept classifies software applications into domains. Each domain class represents different operational aspects of software - such as real-time response, data management, computationally-intensive, and user interactive - to correlate a likelihood of vulnerabilities with an application software type. A threat model is used to correlate attack vectors with vulnerabilities for prioritizing both penetration testing and operational monitoring. The threat model utilizes a standard classification of attack patterns to identify the attack vectors most likely to be used against known vulnerabilities. The correlation of threats with vulnerabilities produces a risk assessment which can be used in the development of a penetration testing strategy. The pen testing strategy is then automatically executed to identify likely vulnerabilities and weaknesses and how they may be remediated. The proposed project reduces technical risk by leveraging prior research and development and by using standard descriptions of vulnerabilities (CVE), weaknesses (CWE), and attack patterns (CAPEC). The innovation of the proposed concept is to make as efficient as possible the testing and verification of application software.

Principal Investigator:

Al Underbrink
Senior Analyst
2564300860
al.underbrink@sentar.com

Business Contact:

Sharon Yalowitz
Contracts Manager
2564300860
sharon.yalowitz@sentar.com
Small Business Information at Submission:

Sentar, Inc.
315 Wynn Drive Suite 1 Huntsville, AL 35805

EIN/Tax ID: 630947741
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No