Show simple item record

Remediating Third-Party Software Vulnerabilities on U.S. Army Information Systems

dc.contributor.advisorBuettner, Raymond R.
dc.contributor.authorSabovich, Jason R.
dc.contributor.authorBorst, James A.
dc.date12-Jun
dc.date.accessioned2012-07-30T23:16:06Z
dc.date.available2012-07-30T23:16:06Z
dc.date.issued2012-06
dc.identifier.urihttp://hdl.handle.net/10945/7410
dc.description.abstractInformation systems belonging to the DoD and U.S. Army experience cyber attacks on a daily basis. Increasingly, these attacks are targeting popular third-party applications, instead of focusing on vulnerabilities in Microsoft software. The DoD responded to this threat by adopting Citadel Hercules, which did not find a willing audience with the U.S. Army. Instead, the Army adopted Microsoft Systems Management Server (SMS), followed by System Center Configuration Manager (SCCM) 2007 to meet this threat. After more than five years, the rollout of SCCM to all organizations within the U.S. Army is still incomplete. This study provides an overview of the threats facing U.S. Army information systems and looks at how the Army has addressed this challenge in the past. Next, the study takes a system engineering approach to identifying an optimal tool for mitigating third-party vulnerabilities and suggests potential alternatives to SCCM. In addition, the study utilizes a cost benefit analysis approach to aid in evaluating the potential Return on Investment (ROI) provided by each tool. The purpose of this study is to answer the question What is the most optimal solution for mitigating vulnerabilities in third-party applications on U.S. Army information systemsen_US
dc.description.urihttp://archive.org/details/remediatingthird109457410
dc.publisherMonterey, California. Naval Postgraduate Schoolen_US
dc.titleRemediating Third-Party Software Vulnerabilities on U.S. Army Information Systemsen_US
dc.typeThesisen_US
dc.contributor.secondreaderBarreto, Albert
dc.contributor.secondreaderCook, Glenn R.
dc.contributor.departmentInformation Technology Management
dc.contributor.departmentBusiness Administration
dc.subject.authorInformation Assurance Vulnerability Message (IAVM)en_US
dc.subject.authorPatch Managementen_US
dc.subject.authorThird-Party Vulnerability Remediationen_US
dc.subject.authorSystem Center Configuration Manager (SCCM)en_US
dc.subject.authorLandWarNet (LWN)en_US
dc.subject.authorInformation Assurance Vulnerability Alert (IAVA)en_US
dc.subject.authorNetwork Operations and Security Center (NOSC)en_US
dc.subject.authorPatchingen_US
dc.subject.authorSysManen_US
dc.description.serviceMajor, United States Armyen_US
etd.thesisdegree.nameMaster of Science in information Technology Managementen_US
etd.thesisdegree.nameMaster of Business Administrationen_US
etd.thesisdegree.levelMastersen_US
etd.thesisdegree.disciplineInformation Sciences (IS)en_US
etd.thesisdegree.disciplineGraduate School of Business & Public Policy (GSBPP)
etd.thesisdegree.grantorNaval Postgraduate School (U.S.)en_US


Files in this item

Thumbnail
Name:
12Jun_Sabovich_Borst.pdf
Size:
2.085Mb
Format:
PDF
View/Open

This item appears in the following Collection(s)

Show simple item record