Blake-Philips was formed in 2016 by the core staff of cyber defense experts from the former Network Attack Characterization Modeling and Simulation Testbed (NACMAST) in Bowling Green, KY. The Bowling Green NACMAST was started in 2007 for the purpose of providing Computer Network Defense (CND) services to the United States Army Research Laboratory (ARL). The Bowling Green office, under the auspices of a larger parent corporation, completed a rigorous certification and accreditation process in order to become an ARL enclave. As part of its mandate, the NACMAST provided 24/7 intrusion detection monitoring and analysis of over 40 Department of Defense (DoD) networks including the National Defense University, the Army Materiel Command, and the Defense Technical Information Center. This service to the DoD included real-time cyber event reporting, deep packet and historical traffic analysis, construction and installation of network sensor hardware and software, penetration testing, vulnerability assessment, and all aspects of incident response and remediation. In support of the DoD mission, Blake-Philips personnel have participated in various classified and sensitive cyber defense research and development projects, as well as provided real-time network defense for large-scale joint military exercises.
The Blake-Philips team has private sector experience in telemedicine and telehealth, building and maintaining secure data transmission and storage systems for medical provider networks in accordance with HIPAA standards. Blake-Philips personnel also prepared a nationwide telemedicine vulnerability assessment under the auspices of HHS and DHS. Team members also have experience with the development and implementation of technology systems for human accountability during disaster relief efforts. Additionally, Blake-Philips personnel had previously been involved with developing technology to identify and track hazardous materials shipments throughout the Commonwealth of Kentucky. Other private sector experience comes in the form of Host Intrusion Detection System (HIDS) and Network Intrusion Detection System (NIDS) implementation and monitoring, physical and cyber penetration testing, incident response, cyber and physical security consulting, security assessments, counterintelligence program planning, and security policy/procedure development and training. Past and current private sector customers include universities, advanced manufacturing facilities, private think tanks, major utilities, and centers for research and development.
Blake-Philips personnel have experience in installing, configuring, building, and maintaining hardware throughout the entire scope of computer networking, such as desktops, laptops, NAS appliances, switches, routers, firewalls, IDS/IPS systems, anti-spam appliances, and gateway security systems. The team's collective hardware experience ranges from perimeter to endpoint and includes custom network sensor builds.
Our personnel have extensive experience with network intrusion detection systems such as Suricata, Snort, and Bro-IDS. The team utilizes tools such as Wireshark, tcpdump, Ettercap, Netwitness, Kismet, SELKS and other NIDS/NIPS tools to conduct deep packet and traffic analysis. Blake-Philips personnel also have experience with proprietary NIDS/NIPS tools in support of the U.S. Army Research Laboratory’s network defense mission. The team is experienced with traditional signature-based host intrusion detection systems such as Symantec Endpoint Protection, Bitdefender GravityZone, OSSEC, ClamAV, and Malwarebytes, as well as other HIDS/HIPS tools such as CylancePROTECT (employing artificial intelligence and machine learning for detecting and stopping malware, including ransomware).
The company’s personnel also have experience in using vulnerability management solutions and scanner software such as Tenable Nessus, Qualys, Rapid7’s Nexpose and Metasploit, BeyondTrust’s Retina Vulnerability Scanner, Nmap, and OpenVAS. We have substantial experience with comprehensive security information and event management (SIEM) solutions such as Elasticsearch, Logstash, and Kibana (commonly known as the “ELK Stack”), AlienVault OSSIM and USM, Splunk, LogRhythm, SolarWinds, and McAfee HBSS (ePO).
Networking & Security Certificates
GSEC - Security Essentials
MCP - Microsoft Certified Professional
CNDA - Network Defense Architect
CEH - Certified Ethical Hacker
SEPP - Social Engineering & Pentesting
Cisco - CCNA Routing & Switching
Cisco - CCNA Security
GCIA - Certified Intrusion Analyst
GAWN - Wireless Networks