Save $200 on 4-6 Day Courses at SANS Network Security 2018 in Las Vegas. Ends Tomorrow!


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

National Security Agency's Information Assurance Directorate Wins 2012 National Cybersecurity Innovation Award

The innovation: Combating common and damaging cyber attacks with convenient, transparent non-persistent desktop browsing technology from Invincea, Inc. Pictured: Debora A. Plunkett, Information Assurance Director, National Security Agency; Harley Parkes, NSA; Tim Kruger, US CyberComm; John Dollen, NSA

  • Washington, D.C.
  • November 13, 2012
National Security Agency's Information Assurance Directorate Wins 2012 National Cybersecurity Innovation Award

The SANS Institute today announced that the National Security Agency's Information Assurance Directorate has won a 2012 U.S. National Cybersecurity Innovation Award for combating cyber attacks with an innovative non-persistent desktop browser.

For several years, the promise of non-persistent desktop browsing (NPDB) has been little more than just that -a promise. But thanks to an exhaustive evaluation of Invincea's technology, the NSA has confirmed that it is a real operational capability. NPDB is an emerging technology that effectively addresses the rapidly increasing security threat stemming from malicious software (malware) drive by spear-phishing and drive-by-download attacks used by nation-states, cyber criminals, and hacktivists to penetrate systems and networks and exfiltrate valuable information for profit. Recently, the Department of Defense conducted a successful Joint Capability Technology Demonstration of Invincea as part of a pre-acquisition activity for the Joint Chiefs of Staff to prove the viability of this technology, speed its transition, and deliver NPDB technology to the DoD Information Enterprise.

NSA validated the effectiveness of Invincea's NPDB technology on an isolated laboratory network at the DoD Cyber Range followed by an operational demonstration on a production network at U.S. Special Operations Command. The demonstration was structured to present NPDB as a virtualized instance of an Internet browser that would co-exist on an enterprise desktop. When the user opens the browser to engage the Internet, the NPDB solution automatically starts, providing a seamless non-persistent browsing experience on the Internet while isolating the browsing session from the host to protect against any threats that may be encountered. If the virtual browser is compromised, non-persistence is realized and all artifacts affected by the compromise are immediately eradicated and actionable forensic intelligence related to the attempted breach is captured and collected.

About the National Cybersecurity Innovation Awards

The annual U.S. National Cybersecurity Innovation Awards recognize initiatives by companies and government agencies that contribute to significant cyber risk reduction, have not been deployed effectively before in a similar fashion, can be scaled quickly to serve large numbers of people, and should be supported and adopted quickly by many other organizations. Nominators include senior U.S. government officials involved with cybersecurity as well as leaders from major cybersecurity Information Sharing and Analysis Centers (ISACs). Corporations and individuals may also nominate innovations. For the 2012 awards, more than 30 nominations were received and nine were selected. The panel of judges for the 2012 awards is described below.

Sameer Bhalotra served as White House Senior Director for Cybersecurity, leading the national identity management and continuous monitoring initiatives. He also served as the principal cybersecurity staffer for the Senate Intelligence Committee, which oversees the cyber budgets of the National Security Agency and the other intelligence agencies.

Tony Sager's stellar career at the National Security Agency spanned 34 years. He headed the Systems & Network Attack Center, oversaw all Red and Blue Team projects, created and headed security product evaluation teams, helped guide the agency's top talent development programs, served as founding director of the Vulnerability Analysis & Operations Group (comprised of 700 of the NSA's top technical cybersecurity specialists), and was the Chief Operating Officer for the Information Assurance Directorate.

Asheem Chandna is the dean of venture capitalists in the cybersecurity field. As a partner at Greylock since 2003, he has helped create and grow multiple security technology businesses to market-leading positions, and successfully merged several into larger companies. He also serves on the panel of judges for the Wall Street Journal Global Technology Innovation Awards.

Alan Paller is Director of Research at the SANS Institute, where he oversees an international search for people and organizations that have identified important ways to reduce the risk posed by cyber threats. He also oversees the Internet Storm Center and the annual initiative to determine the seven most dangerous new attack vectors. He co-chairs the DHS Task Force on Cyberskills and the FCC Working Group on Cybersecurity Best Practices in the telecommunications industry.

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (