Cyber Analytics and Detection

Cyber Analytics and Detection (CAD) provides capabilities that help Soldiers analyze and detect external and internal cyber threats to the Army. CAD focuses on software-based programs that support mission command, planning, integration, analysis and execution at all levels.

The Defensive Cyber Operations mission planning (DCOMP) capability integrates cybersecurity requirements, intel and vulnerability analyses with the outputs of mission analysis to determine probable attack vectors and to produce a set of relevant internal defense measures, triggers and decision points. The cyberspace analytics capability offers interfaces and visualizations accessible by cyberspace defenders at all levels to facilitate counter-reconnaissance activities aimed at discovering the presence of advanced or sophisticated cyber threats and vulnerabilities.

The user activity monitoring (UAM) capability is a scalable solution that proactively identifies internal risks associated with the theft or misuse of critical, mission-essential data. It also assists with the establishment of the Army’s Insider Threat (InT) Program, which utilizes full-spectrum solutions to assess, deter, deny, defend, defeat and evolve against the insider threat. The threat emulation capability allows the cyber community to conduct threat emulation in a garrison, deployed or mission partner environment on information systems, net-enabled warfighting platforms and critical infrastructure by closely resembling adversarial capabilities.