Tresys has been a trusted partner and advisor to Red Hat, NSA, IBM, and other high-assurance security customers for many years. Our focus has been to work with industry via the Open Source community to adopt fundamental technologies and approaches that rethink how security is successfully applied and implemented. Starting with flexible mandatory access controls provided in SELinux, and continuing in our research, and work in only known good filtering, and content inspection.

Tresys services continue to provide our customers with the high integrity security that meets the challenges of the most demanding environments in the world.

Our team can work with you to design, build, deploy, and support certification and accreditation activities for your environment.

Device Vulnerability Assessment

Do you know what your device really does? Whether explicit or not, you have security goals for every computing device and application you use. You have to make sure you understand how well protected, and how resilient your systems are to attack. That means understanding the threats you face and configuring systems appropriately for your environment.

Read More

Platform Security

Effective computer, mobile, and information security is essential to running any successful operation. Breaches and compromise are daily occurrences. You can’t afford to lose data, and you can’t afford downtime. With mobile devices, your enterprise has extended beyond traditional boundaries. Tresys can help you secure your systems, protecting your assets and enabling you to operate with confidence.

Read More

Cross Domain Solutions

You need to get important data securely from one place to another, ensuring that only the data you want to move is released, while protecting your network from attack. You not only need a system that meets the stringent security requirements for this connection – you also need to have the system approved to operate, and you need it in place as soon as possible.

Read More

Security Architecture Assessment

Tresys Technology provides a comprehensive security assessment of system architecture and configuration for a multitude of clients including: U.S. Defense, Intelligence, Civilian Government, and Critical Infrastructure platforms and networks. Since its inception in 1999, Tresys has established itself as a leader in advancing fundamental platform security technology and applying security technology to solve real-world problems. Tresys’ experience in all aspects of operating system and platform security, including fundamental technology research and development, tool development, policy development and analysis, solution design, implementation, and testing provides an edge when it comes to analyzing your solution security needs.

Read More

Blockchain Security

Blockchain technology is often considered trustworthy by design. Many people conflate blockchain with Bitcoin, which is a permissionless public blockchain implementation. Blockchain technology is much more than Bitcoin - many blockchain solutions that address real business challenges are permissioned private or federated implementations. Blockchains are software; they rely on operating systems, other software, networks, and often information systems outside the blockchain. It is important to look at a blockchain implementation as part of a larger system, with the same security concerns as any other solution. Tresys has a long history of creating and securing some of the most sensitive information sharing systems in the world; we are prepared to apply our years of information and system security experience to ensure your blockchain solution is implemented in a secure manner.

Read More

Data Filtering

Transferring files to and from your network carries the risk of introducing malicious content or inadvertently releasing sensitive data. Effectively managing file and data transfers requires a deep understanding of file structure and contents. Tresys has years of experience developing file and data filtering technology to support safe data transfer for both commercial and government applications, including the Data Format Description Language (DFDL) standard and the open source Daffodil processor for DFDL.

Apache Daffodil (incubating) is an open source implementation of the DFDL (Data Format Description Language) specification that uses DFDL schemas to parse fixed format data into an infoset, which is most commonly represented as either XML or JSON. This allows the use of well-established XML or JSON technologies and libraries to consume, inspect, and manipulate fixed format data in existing solutions. Daffodil is also capable of the reverse by serializing or "unparsing" an XML or JSON infoset back to the original data format.

Tresys is proud that its team members are active contributors to the Apache Daffodil (incubating) project. See for more information.
Apache, Apache Daffodil, and Daffodil are trademarks of The Apache Software Foundation.

Read More