
Einstein (US-CERT program)

EINSTEIN
Developer(s): US-CERT
Initial release: 2004
Type: network security and computer security
Website: Analytical Tools and Programs at US-CERT for government users

Einstein (also known as the EINSTEIN Program) was originally an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic. The software was developed by the United States Computer Emergency Readiness Team (US-CERT), which is the operational arm of the National Cyber Security Division (NCSD) of the United States Department of Homeland Security (DHS). The program was originally developed to provide "situational awareness" for the civilian agencies. The first version examined network traffic, while the expansion in development could look at content; today's Einstein is significantly more.

Einstein is the product of U.S. congressional and presidential actions of the early 2000s, including the E-Government Act of 2002, which sought to improve U.S. government services on the Internet.

Einstein's mandate originated in the Homeland Security Act and the Federal Information Security Management Act, both in 2002, and the Homeland Security Presidential Directive (HSPD) 7, which was issued on December 17, 2003.

The Federal Computer Incident Response Capability (FedCIRC) was one of four watch centers that were protecting federal information technology when the E-Government Act of 2002 designated it the primary incident response center. With FedCIRC at its core, US-CERT was formed in 2003 as a partnership between the newly created DHS and the CERT Coordination Center, which is at Carnegie Mellon University and funded by the U.S. Department of Defense. US-CERT delivered Einstein to meet statutory and administrative requirements that DHS help protect federal computer networks and the delivery of essential government services. Einstein was implemented to determine if the government was under cyber attack. Einstein did this by collecting flow data from all civilian agencies and comparing that flow data to a baseline.


Wikipedia
