The MERC cybersecurity team uses specialized tools such as Fortify ®, Selenium ®, and Open Web Application Security Project (OWASP) dependency-check to identify and correct vulnerabilities and weaknesses in the source code prior to deployment.
MERC’s integrated team of computer scientists and engineers provides cybersecurity services for specified platform information technology within the Industrial Depot Maintenance authorizing official boundary using the Risk Management Framework (RMF) for DoD information and AFI-17-101 RMF for Air Force information technology. Team members have experience performing penetration testing on MERC’s internal information systems as well as the government information systems. We are experts in vulnerability scanning and remediation, advising management on auditing policies and procedures, performing audits for information systems, and applying Security Technical Implementation Guides (STIGs) to network appliances and servers. Our team uses cyber security best practices (application security testing, software bill of materials, and software composition analysis) during our software development processes.
MERC’s experienced cyber team uses our Network Security Operations Center to monitor network events.