InQuest Deployed by DISA in the Joint Regional Security Stack (JRSS)

Posted on 2018-02-01 by Anindo Mukherjee

InQuest provides an on-premises network-focused security solution deployed at many high-volume, mission critical environments, including DISA’s Joint Regional Security Stack (JRSS)1. JRSS comprises a regional network security architecture subset for the Joint Information Environment (JIE), administered by DISA 2. By post-processing files and applying Deep File Inspection (DFI) with a robust array of integrations, InQuest is able to rapidly increase malware detection rates without impacting the scale of network operation at deployed locations such as the Department of Defense (DoD). In partnership with OPSWAT and Exodus Intelligence, InQuest inspects network sessions with not only static analysis, but reputational threat scoring and zero-day vulnerability detections to continuously ensure emerging threat coverage.

Robust Detection Capabilities

Positioned at the network edge, InQuest can processes network sessions in a matter of nanoseconds, not minutes. Connections with suspicious hosts are logged, files picked apart and analyzed using Deep File Inspection (DFI) to flag threats based on file content, even in cases of previously unseen threat campaigns. This, along with the ability to identify suspicious and/or malicious artifacts such as IPs, Domains, etc. through reputational characteristics, provides a defense-in-depth capability against the ever changing threat landscape, and a range of adversaries with an array of tactics, techniques, and procedures (TTPs).

Proven Performance

DISA’s Joint Information Environment (JIE) is a partnership between the "Joint Chiefs of Staff (JCS), Office of the Deputy Chief Management Officer (DCMO), DoD CIO, Joint Staff J6, CYBERCOM, military services, intelligence community, and National Guard." 2 In this, and over twenty-five other SOCs around the world, InQuest operates as part of the malware detection component of the environment. The core of InQuest’s solution is a patented file inspection technology that combines with a multitude of threat intelligence sources, supported third parties, and OPSWAT Metascan to create a combined threat score, providing customers with analytics necessary to detect and defend against complex attacks.

Who We Are

InQuest is an Arlington, Virginia based company that leverages extensive experience supporting the Department of Defense (DoD) as well as the Intelligence Community (IC) with malware analysis and threat hunting to tune its on-premises network oriented security solution. InQuest’s team works with mission critical networks like JRSS on a daily basis, and constantly adapts and tunes its detection engine for emerging threats and new malware campaigns.

[1] DISA Joint Regional Security Stack (JRSS) Overview

[2] Enabling the Joint Information Environment (JIE)

threat-hunting deep-file-inspection malware-analysis