2 MIN READ
Tim Marcinowski, MetroStar’s Sr. Director of Open Source Strategy shares why his team built Paradrop, a free and open source cybersecurity solution.
As I delved deeper into the world of DevSecOps and assumed the role of an Information System Security Officer (ISSO) for a closed-area lab, I was confronted with the daunting task of maintaining and updating System Security Plans (SSP) and other necessary documents. The complexity of this task was further amplified by the need to manage multiple Authorization to Operate (ATO) and special-purpose systems.
But as time passed and my role, job, and industry changed, everywhere I went, no matter the context, I realized the same problems early in my career were the same problems we're still solving today.
-
What systems do I have?
-
Are my systems operating normally?
-
Are my systems compliant?
-
Is there anything that needs my attention?
What Capabilities Did We Need?
I selfishly wanted the capabilities and benefits to complement other solutions, even similar ones, to be flexible and plug-and-play. It's FRUSTRATING when technologies don't work out of the box or your environment is constrained somehow. So, what does a solution need to do well?
Data-Intensive: Can I quickly find what I need for various activities? (Auditing, Root Cause Analysis, Reporting)
Visibility: Do I have a complete picture of the most critical information needed across different use cases? (Monitoring, Compliance, Configuration Management)
Compatibility / Interoperability: Work with a wide range of technologies, old and new. (Unix, Docker Compose, Kubernetes, Edge, Virtual)
Looking For Benefits
Lastly, how does this benefit me as an engineer focused on various challenges with variable resources?
-
Manage more with less.
-
Navigate confidently in complex environments (often by reducing complexity).
-
Scale while saving on infrastructure footprint, utilization, and costs.
But there must be something out there that does this, right? Well, mostly yes, in some capacity or morphing of multiple things of things that result in a three-legged, one-eyed BEAST! I opted not to deal with this ~~hairy~~ situation any longer and would instead manage the chaos.
Why We Built Paradrop
This brings me to why we built Paradrop, our cybersecurity asset management solution. We needed to address these fundamental challenges and provide an excellent foundation for innovation. Paradrop allows us to test-drive MetroStar’s Innovation Lab initiatives and customer-driven visions. Some of these initiatives are:
-
Integrating LLMs with system data to explore new ways to leverage more data points smarter.
-
Test broader RAG LLM distributed networked architectures with real-world application data.
-
Increase cybersecurity capabilities in the open source world by showcasing the possibilities between government and Industry collaborations.
Check out the Paradrop source code on GitHub
As Paradrop is still developing, the solution shows promise for end-users and customers looking to adopt open technologies to reduce cyber complexities and drive costs down in an innovative approach. It costs nothing to get started, but it’s your time, so why not get started today?
Learn more by contacting our team.
