The Booz Allen Difference | Booz Allen Cyber Security

The Booz Allen Difference

To create morphing defensive postures as part of our Managed Detection and Response Service, we need technology that allows us to detect attacks, respond to them, and then adjust your defenses based on what we learn from those attacks. The Booz Allen Defense Platform provides these capabilities as part of the overall Booz Allen Managed Detection and Response Services.

What is Booz Allen Managed Detection & Response?

Capabilities:

Full Visibility

You can’t catch what you cannot see.

  • Full packet capture on network
  • Complete visibility to inbound email
  • Targeted scans of endpoints

Dynamic Detection

More ways to catch more attacks

  • Signature
  • Reputation
  • Behavior
  • Analytics

Response-Focused

Stop the attack quickly, remediate the full extent of the attack

  • NSA Cyber Incident Response Assistance (CIRA) accreditation

  • Analytical Pivoting quickly defines the full extent of an attack

  • Patented investigative analytics tools and processes

  • Attack triage dramatically reduces the time and cost of threat analysis response

Delivery:

Network

  • Complete network visibility
  • Signature, Sandboxing, and Analytics-based detection
  • File carving
  • SIEM integration
  • Full packet capture

Cloud-Based Email

  • Complete email visibility
  • Spam/Antivirus filtering
  • Hyperlink resolution analysis
  • Signature, Sandboxing, Reputation, and Analytics-based detection
  • File carving

Endpoint Visibility

  • Persistent sensor agent always running for complete visibility
  • Cloud-based deployment
  • Prevention, detection, and threat hunting in one console
  • Able to hunt across: file system, registry, running processes, memory, open connections, netflow data, IOCs, etc.