| Margie Collins |
9/27/2024 |
Friday, September 27, 2024 |
Vulnerability meeting, no log4j. POAM discussion and prep for our POAM summary meeting on Tuesday.
SAP Security weekly meeting to discuss vulnerability strategies and how we will test S_START transaction vulnerability in RS4 with Sola (SAP Security) and meet with Mulatu (Functional). We had the Password Submit meeting this week and discussed SAP Security vulnerabilities. Discussed (OS, POAM and 4th QTR) STIGs with SMEs. We also had meeting with SMEs to talk about notes needed to be completed by end of the year or as part of Support Package upgrade (when applicable). We are waiting on more details from the SMEs. Meet with Sameer, David, Calvin (SME) and I to discuss how the Functional POC is using BOBJ/BODS DEV and NON-Prod in their configuration. Please note, this configuration was set up years ago so this is a discovery task for current SME and I.
Complete SSO BI Analytic tab issues for uses in XP9 (resynced their accounts) � INC 101112472 and INC 101119206.
I created False Positive submission templates for ACAS ID 144050, 147164, 159464 and 194473 to discuss with SME and sent to PMW team for approval.
Weekly Risk Acceptance Request: Decision Meeting, SAP_85650 and SAP_7250 Exception forms were Accepted by the PMW team. The SAP_96161 and SAP_96160 has been put on HOLD pending more information.
Attended weekly Cyber meetings (DEV BUNDLE Cyber vulnerability; Working Session: Cyber Innovation App, Cyber Vulnerability Power Sessions to contribute to meetings as needed.
Attended and reading up on ERP High Availability (HA) and Disaster Recovery (DR) in which SME and I will be participating in this on Nov 23.
Meet with Larry this week who has given us his audit list of the submission forms that our team has sent for review and approval. We will take this list to do further audits based on this and our list.
|
NA |
| Margie Collins |
9/20/2024 |
Friday, September 20, 2024 |
Vulnerability meeting, no log4j. POAM discussion and prep for our POAM summary meeting on Tuesday. The ACAS numbers have gone down. ERP High Availability meeting to discuss upcoming HA exercise on November 23, 2024. I will be performing the Business Intelligence section of the HA plan. SAP Security weekly meeting to discuss statuses on SAP_20861 which is based on users with expired password hashes. We also discussed this last week in the PMW meeting and will have a separate Password Submit meeting to talk about this and other similar vulnerabilities at that time. Jeff is sending out the Password Submit invite. Also discussed SAP_101050 � Non reference user assignment is not possible, per PMW team, Larry is going to ask Onapsis how they are coming up with the tables associate with this finding.
Sola (SAP Security) and meet with Mulatu (Functional) to look over my shoulder to test the SAP_102460 � s_start vulnerability in RS4 (lab). We were not able to test this in RS4 because there is no data so therefore I will see if we can get another restore but from RU4 to RS4 to continue to test the affects of the vulnerability on the s_start object.
Weekly NETSS SAP BusinessObjects Team Coordination meeting, we discussed Business Object Enterprise (BOE) BOBJ/BODs with the subject matter experts (SME). Please note, I am using Business Object Enterprise (BOE) when referencing the BODS/BOBJ systems. We are continuing to work on the BOE vulnerabilities. (1), ACAS ID 144050, 147164, 159464 and 194473. These vulnerabilities fall under the name Apache Tomcat 9.0.0.M1 < 9.0.44, per SAP notes, these CVE does not have on BODs so therefore we would like to wait until we upgrade the BODS system which also comes with the tomcat upgrade(2) ACAS#146272 - False Positive Write Up for BOBJ servers; (3) Review notes to find out if there is a workaround or needs SP upgrade; (4) Discussed for remediation or submission 3479478 - [CVE-2024-41730] Missing Authentication check in SAP BusinessObjects.
Weekly Risk Acceptance Request: Decision Meeting, SAP_96060 Exception form was Accepted by the PMW team.
Meet with and received status from the SMEs regarding their FY24-QTR 04 Application STIGs due by 28 OCT 24.
Attended weekly Cyber meetings; Working Session: Cyber Innovation App, Cyber Vulnerability Power Sessions to contribute to meetings as needed.
|
None |
| Margie Collins |
9/13/2024 |
Friday, September 13, 2024 |
Weekly NETSS SAP BusinessObjects Team Coordination meeting, we discussed Business Object Enterprise (BOE) BOBJ/BODs with the subject matter experts (SME). Please note, I am using Business Object Enterprise (BOE) when referencing the BODS/BOBJ systems. We are continuing to work on the BOE vulnerabilities. (1) new vulnerabilities for BoBJ servers that showed up this month, ACAS ID 144050, 147164, 159464 and 194473. These vulnerabilities fall under the name Apache Tomcat 9.0.0.M1 < 9.0.44 multiple vulnerabilities with the solution of Upgrade to Apache Tomcat version 9.0.44 or later. Please note, this is affects the BODs servers because the BOBJ servers� tomcat has already been updated as part of the BODs upgrade; (2) ACAS#146272 - False Positive Write Up for BOBJ servers; (3) Review the MJ and MBJ BOE notes to decided the best remediation date, I asked Kayla who is on the Monitoring team and part of the BOE team to download the notes for us so we can evaluate remediation dates; (4) Discussed for remediation or submission 3479478 - [CVE-2024-41730] Missing Authentication check in SAP BusinessObjects.
I performed Ansible for the HA maintenance on Wednesday, September 11, 2024.
Weekly Risk Acceptance Request: Decision Meeting, Discussed two Exceptions dealing with user accounts. We will have a separate meeting to discuss how the remediation of these vulnerabilities will affect the operations of the teams.
BASIS Cyber team received the FY24-QTR 04 Application STIGs report for remediation by BASIS team by 28 OCT 24. We had the YR 24 � OTR 3 Application Stigs meeting with SMEs. We discussed their Stigs and well as what is needed to complete their finding to David D.
Attended weekly Cyber meetings; Working Session: Cyber Innovation App, Cyber Vulnerability Power Sessions to contribute to meetings as needed.
|
Follow ups from this week activities; Attend meetings as noted on my calendar. |
| Margie Collins |
9/6/2024 |
Friday, September 6, 2024 |
Short week (Labor Day, Monday, September 2, 2024)
Weekly NETSS SAP BusinessObjects Team Coordination meeting, we discussed Business Object Enterprise (BOE) BOBJ/BODs with the subject matter experts (SME). Please note, I am using Business Object Enterprise (BOE) when referencing the BODS/BOBJ systems. We discussed (1) new vulnerabilities for BoBJ servers that showed up this month, ACAS ID 144050, 147164, 159464 and 194473. These vulnerabilities fall under the name Apache Tomcat 9.0.0.M1 < 9.0.44 multiple vulnerabilities with the solution of Upgrade to Apache Tomcat version 9.0.44 or later. Please note, this is affects the BODs servers because the BOBJ servers� tomcat has already been updated as part of the BODs upgrade; (2) ACAS#146272 - False Positive Write Up for BOBJ servers; (3) Review the MJ and MBJ BOE notes to decided the best remediation date; (4) Discussed for remediation or submission 3479478 - [CVE-2024-41730] Missing Authentication check in SAP BusinessObjects.
I was able to get my Onapsis INC 101102093 resolved by the Boundary team after they refreshed my cert. I am still waiting on information to reactivate my SAP account � INC 101102090. I turned in my PRIV Access Package that needed renewed. I participated in the DEV maintenance on Saturday, August 31.
Weekly Risk Acceptance Request : Decision Meeting, BASIS Cyber along with SAP Security team, discussed SAP_101050 � discussed updating this form by adding an �On Hold� entry under the Decision Category and removing needing justification.
BASIS Cyber team received the FY24-QTR 04 Application STIGs report for remediation by BASIS team by 28 OCT 24. We had the YR 24 � OTR 3 Application Stigs meeting with SMEs. We discussed their Stigs and well as what is need to complete their finding to David D.
Attended weekly Cyber meetings; Working Session: Cyber Innovation App, Cyber Vulnerability Power Sessions to contribute to meetings as needed.
Attended All Hands and Agile Part 2
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
Follow ups from this week activities; Participate in NON-Prod maintenance on Saturday, September 7, 2024 at 6 AM; Attend meetings as noted on my calendar. |
NA |
| Margie Collins |
8/30/2024 |
Friday, August 30, 2024 |
During the Vulnerability meeting, it was confirmed that there was no log4j vulnerabilities on BASIS servers to include (INC 101094943) for the DataCenter team to remediate. I am still having issues accessing the Onapsis platform so I will put in a ticket with Boundary team regarding this issue.
Weekly NETSS SAP BusinessObjects Team Coordination meeting, we discussed Business Object Enterprise (BOE) BOBJ/BODs with the subject matter experts (SME). Please note, I am using Business Object Enterprise (BOE) when referencing the BODS/BOBJ systems.
Completed BOE Access - INC 101095922 (Calvin Shipman - SME); INC - 101089798 (David Barber/Kayla Williams - SME backup), sent email instructions on how to logon to these systems. Completed INC 101083136, assigned task - Deactivate (BODS/BOBJ) users in BOE systems, I attached to my task how we performed this task and the users that were deactivated throughout the BOE systems. Calvin and I received a request from Jared on setting up the BOE systems for Ansible. I forwarded the BOE Start/Stop instructions to Jared to update Ansible.
During our Weekly Write up meeting, we discussed outstanding BOE ACAS 156103 and 182252 log4j False Positive (FP)(forms that was initially sent back to the BASIS Cyber team as rejected. We sent an email to the Navy Cyber team for more directions since this BOE log4j FP was granted a couple months back. As of today, since these item are no longer on the weekly ACAS vulnerability report, they are no longer a finder and can be updated to STATUS - RESOLVED.
Weekly Risk Acceptance Request : Decision Meeting, BASIS Cyber along with SAP Security team, discussed SAP_101050 - Non-reference user assignment is possible False positive submission form. We noted that this finding is already covered by SAP in transaction su01. Per RMF team, the decision to approve this request has been put ON-HOLD pending further review by Larry (Onapsis SME).
BASIS Cyber team received the FY24-QTR 04 Application STIGs report for remediation by BASIS team by 28 OCT 24. We will set up meeting with SMEs based on STIGs list in this report.
Weekly Sprint Planning for Sprint (Aug 26 - Sept 6) - Also talked about taking advantage of Data verse training; Weekly Working Session: Cyber Invocation App meeting - Focused on sample data to use for the views for the application.
Attended PMW 220 All-Hands hosted by Mike Simon and PMW 220 Quarterly All Hands - 4th Qtr. |
None |
| Margie Collins |
8/23/2024 |
Friday, August 23, 2024 |
During the Vulnerability meeting, it was confirmed that there was no log4j vulnerabilities on BASIS servers; however, vulnerabilities were identified on the Data Center servers. The BASIS CYBER team created (INC 101094943) for the DataCenter team to remediate. In the weekly NETSS SAP BusinessObjects Team Coordination meeting, we discussed BOBJ/BODs with the subject matter experts (SME).
I created REG DEF QCI 9732 from QCI 29859 to import SD7930186 into SP7. This transport was approved at the CCB and successfully imported into SP7 on Thursday, August 23, 2024. As a result, the SAPU15 CAT I vulnerabilities (SAP_98960, SAP_100560, and SAP_100960) have been resolved, allowing us to close QCI 29859 and QCI 33140.
I assigned INC 101090979 to address an issue where a user was prompted with a login screen when accessing Planning Webi Reports. Task 52110105 (approved by David) was created to delete and re-add the user in XP9 to resync the account and resolve the issue. The task was completed, and the user can now access the Webi report without any issues.
The Cyber BASIS team submitted a false positive report for SAP_101050, indicating that non-reference user assignment was possible. This submission was forwarded to the Risk Acceptance Requests: Decision Making meeting for review and approval.
In the DC OS STIGs meeting, STIG items were discussed with the SMEs. I created SCOR 101094641 to remediate STIGs on a BOBJ server. This SCOR was approved, the remediation was completed, and the issue is now closed.
As part of the BW Sunset UM, BOBJ, Portal project, I completed Task 5217512 to add SSO to AU4 for IDT (INC 101084718). I also created Task 5217523 for Ron to copy the BU4 certificates to AU4 to support SSO efforts (INC 101084718). The BW SME was asked to test the IDT SSO connection to AU4, and the connection was successfully verified.
I attended the Development: Cyber Innovation App working session, Cyber Analysis, and the Daily Stand-up: Cyber Vulnerability Power App.
Finally, I received Task 5218181 (INC 1010959922) to provide NON-PROD BOBJ/BODS access to the SME, and I will start this task on Monday.
PLANNED ACTIVITIES FOR NEXT WEEK Weekly meeting ;Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, Follow ups and POAM meetings |
NA |
| Margie Collins |
8/16/2024 |
Friday, August 16, 2024 |
We had a BODS/BOBJ Touchpoint Meeting with SMEs to discuss the current "As Is" status with Calvin Shipman, Sreenivas Gundu, Brandon Bulka, Justin Shirk and Thomas Darcy. We discussed update to the Entitlement system in the BOBJ Unit Test systems from BU4 to AU4, for which INC 101014871 (closed) and how the rules were going to be imported into AU4 to make assignments to users. Calvin and I completed 101014871 so therefore I closed the task. Brandon is going to create another task regarding importing the roles to be uses in BOBJ XU4. More to come. Per INC 101083136 (Disabling inactive users in BODS/BOBJ) systems, this is a little more involved because 95% of the users are coming from the backend systems. I stoke with David regarding getting the Monitors involved to assist Calvin and I in documentations, tickets, etc and he agreed; therefore INC 101089798 was created for this effort. This INC was approved by Carlo, so therefore I will work on this on Monday.
Escalation was started on Monday, August 12 at 9:45 AM, A FRACAS SCOR No. 101087095 has been created because on INC 101086985 "Production Portal not launched from some of the NMCI VPN" , the Escalation ending at 10 PM.
Per POAM review, the BASIS team is looking for orphan POAM vulnerabilities. We found 6 orphans.
Per Security meeting, SAP_101050 - Non-reference users assignment is possible, the SAP Security team would like to put in an Exception for this vulnerability because SAP already has a flag in the reference filed of SU01 that prevents certain users to be reference users. I will create the form and get data for this exception. The RS4 system is now available to Cyber team, so therefore we will start working on remediation of s_start authorization issue in the lab.
Per POAM meeting, I will give the POAM STIG .ckl files to James Campbell to complete out these POAM STIG files.
I followed up on QCI 33140 and 29859 with Swati (Change Management) and Sachin (Developer) regarding the remediation of SAP_98960, SAP_100560, and SAP_100960. After rerunning the AMO report, we noticed another LD4 transports needed to be moved to LQ4, so a another REG defect (31440) was created. After adding additional information to the ticket and submitting a "Move to Q" form with the transport number, LD4 was successfully transported to LQ4. Now this system is currently not on the report.
Mid-week catch up meeting, Daily Stand Up: Cyber Vulnerability Power App meeting, and Walkthrough Maintenance Window Template meeting with follow ups.
Escalation was started on Wednesday, August 14 at 8:45 PM, A FRACAS SCOR No. 1010900052 has been created "SLP is down", the Escalation ending at 12:45 AM.
I participated in the Navy ERP TCCB to have the SAPUI5 transport for remediation of SAP_98960, SAP_100560, and SAP_100960 for QCI 29859 and QCI 31140 in SP7 and PP8. Participated in Working session: Cyber Innovation App with Kumar and team. One of the discuss is now we can get data from AWS into Power BI.
After transports were upload, the SP7 is still outstanding and the FD4 transport will be into FF4. Working with Swati to rectify. |
NA |
| Margie Collins |
8/9/2024 |
Friday, August 9, 2024 |
This week, we had a NETSS SAP BusinessObject team, including Calvin Shipman (SME), Sameer, David, and myself, convened to discuss the current ("As Is") and future ("To Be") states of the BODS/BOBJ system. Unfortunately, there is no existing documentation from the previous SME, so we are starting from scratch to document the current systems and processes. Calvin and I will be meeting weekly to address these tasks. Additionally, Calvin will utilize the Monitoring team with OS access to help him view the system since the current SME lacks OS access. We also identified that some former SME/user accounts still have access to the BODS/BOBJ systems, which should be revoked. We discussed the sunset of the BW systems, expected around June 2025 and the effect of current/future BODS/BOBJ system. I initiated INC 101082493 to disable Phong's account and INC 101083136 to disable former accounts. Please note that INC 101082493 was completed following Carlos's approval and was closed on August 8, 2024. I am gathering the list of users for deactivation under INC 101083136 for Carlos's approval. I created and shared BODS/BOBJ links with Calvin and Sameer, and sent post-OS patch application steps for the BOBJ servers. Sameer will add these instructions to all the Maintenance plans.
I attended the BW Sunset: Security (DEV INC 101014817) meeting to discuss project progress. This was Calvin's and my first meeting with the BW (BODS/BOBJ) team, where they discussed the sunsetting of BODS/BOBJ in November 2024. They also mentioned the need to update the Entitlement system in the BOBJ Unit Test systems from BU4 to AU4, for which INC 1010148717 was created. Calvin and I will review this during our weekly meeting on Monday, August 12, 2024.
I followed up on QCI 33140 and 29859 with Swati (Change Management) and Sachin (Developer) regarding the remediation of SAP_98960, SAP_100560, and SAP_100960. After rerunning the AMO report, we noticed that LD4 transports need to be moved to LQ4, so a REG defect (31440) was created. After adding additional information to the ticket and submitting a "Move to Q" form with the transport number, FD4 was successfully transported to LQ4. Upon rerunning the report, I observed that only one of the three OKB issues (SAP_98960) was resolved, so further investigation with the team is required.
I participated in the SAP Application STIG review, where we discussed three open findings (CAT II): v222447 (currently being remediated with SAP_98660), v222486 (icm/HTTP), and v222549 (audit logging). These findings are associated with existing Exceptions, either approved, submitted, or currently being worked on. I have updated the findings in the STIG documentation and discussed OS STIGs with the SMEs.
Tim and I went through an Inventory SME sheet walkthrough for the Cyber Vulnerability Power Application. The Cyber team uses this sheet to assign SMEs to vulnerabilities. We also discussed the potential need for an SME table so the Cyber team can make updates as needed. I participated in various meetings throughout the week, including the Daily Stand-up for the Cyber Vulnerability Power App, and working sessions for the Cyber Innovation App and Cyber Analysis. I confirmed the completion of Power BI and ODIN access. Our current sprint ends today, August 9, 2024, with three items that will carry over to the new Sprint. The next Sprint Planning session (for August 12�23) is scheduled for Monday, August 12, at 10 AM.
During the SAP Security OKB-ID Vulnerability Review, we continued discussing the remediation of SAP Security vulnerabilities in RS4 and planned to continue addressing the s_start authorization issue with Sola after RS4 is returned to the Cyber BASIS team next week. The Security team will create a QCI for approval for a new role for SAP_101050 in RD4, so it can be transported across the landscape and assigned to Cyber BASIS. This will allow us to create our QCI to apply the changes associated with this vulnerability. We hope to begin this process next week.
We are currently tracking 16 STIP5 POAM SAP Notes, with 12 active and 4 that cannot be implemented, which require the SME attention. We sent the SME the latest tracker for updates of these outstanding SAP Notes.
During the Risk Acceptance Request Decision Meeting, we discussed two Exception forms that need further follow-up before approval: 2024-04-04_EX_SV-230302 (RHEL 8 must prevent code from being executed on file systems containing user home directories) and 2024-04-04_EX_SV-244545 (The RHEL 8 fapolicy module must be enabled).
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
Follow ups from this week activities. I am also scheduled as Escalation Manager from Saturday 12 AM, 10 AUG 24 - Friday 11:59, 16 AUG 24. |
NA |
| Margie Collins |
8/2/2024 |
Friday, August 2, 2024 |
I attended the Vulnerability Review meeting (no Log4j reported); followed up on QCI 33140 and 29859 with Swati (Change Management) and Sachin (Developer) for remediation of SAP_98960, SAP_100560, and SAP_100960; there were issues with the order of these transports because the previous QCI 29859 was never closed, causing delays in getting these transports into PROD. I also followed up on DEV parameter changes from last Saturday; the icm/HTTP parameter was inputted incorrectly, requiring another SCOR creation and coordination with the Functional lead to bounce the DEV SAP systems for this change. I attended the Biweekly Basis Team Coordination Meeting; the Sprint Review and Retrospective, where we discussed what we did well and what we should change, gaining great insight; and Sprint Planning for the Sprint (July 29 - Aug 9), where we discussed new user stories for the sprint period. During the Daily Stand-Up for the Cyber Vulnerability Power App, I requested my OIN access and was assigned the user story to map data columns from the data source to the combined list; after discussing with Tim, I was able to close this task. I attended the SAP Application STIG review, from which there are three open findings (CAT II): v222447 (currently being remediated from SAP_98660), and follow-up needed on v222486 (icm/HTTP) and v222549 (audit logging); David D. also requested screenshots of all open and closed findings for each STIG.
I conducted a deep dive into Stipulation 5 Tracking (POAM) with SMEs; thanks to Angelo's efforts, the last outstanding STIP5+500 STIGs on the STIP5 report were closed, but I still need to follow up with Celeste regarding her outstanding POAM notes to distinguish which notes need exceptions, SME assistance, or completion; there is one outstanding SV currently part of the August bundle and being remediated. Per Jeff, the weekly Stipulation 5 meeting, after one year of tracking, has been removed from the calendar. I attended the Cyber Team Review; the Navy ERP Daily SCOR Meeting, where SCOR 101077124 was created for the RZ10 icm/HTTP change in DEV and was approved on Tuesday after coordination with the Functional lead; Sohn made changes on the OS DEV systems, and we restarted the SAP DEV systems. Regarding POAM Statistics, there was no report to discuss this week, and per Paul, the report might not be available for a couple of weeks. I attended the SAP Security OKB-ID Vulnerability Review; continued discussing the remediation of SAP Security vulnerabilities in RS4; and planned to continue the remediation of s_start authorization with Sola after RS4 is returned to the Cyber BASIS team next week. I also attended the Walkthrough Maintenance Window Template meeting to discuss the upcoming Non-PROD maintenance on Saturday, August 3, 2024; the Risk Acceptance Requests: Decision Meeting, where we received approval of our Exception and further discussed the SAP_ALL Exclusion list, which Jeff sent to the PMW team, and Paul will embed into the Exclusion form for further approval. Lastly, I attended the Mandatory CAT 1 Meeting, where we updated the CAT 1 ACAS and Onapsis items for August and September, with follow-up needed on Business Object items (mostly Oracle-related, to be handled by the DBA team).
On Friday, I was Out of Office (All Day). |
NA, Lot of changes / personnel let go based on IBM losing the GFBES and IRS contract. |
| Margie Collins |
7/26/2024 |
Friday, July 26, 2024 |
Similar to last week ; Dev Maintenance (BOD/BOBJ, ansible) |
na |
| Margie Collins |
7/20/2024 |
Friday, July 19, 2024 |
On Monday, As Escalation Manager Backup, I received a message from our Janet that there was a connection issue from SLP to NDP and MDR DB. We created a FRACAS and contacted the Help Desk to create a High Priority SCOR to have the on-call Boundary team member join us on our BASIS line. The boundary team member joined us and asked us to retest stating they had an outbound issue that was resolved on their end. We were successfully able to connect SLP to NDP and MDR DB. I sent a message that issues was resolved. Vulnerability meeting on Monday, but a lot of the ACAS and Onapsis scan had not completed due known issue.
On Tuesday, We received the weekly POAM report and noticed some discrepancy to the report. After sending this to Paul, he stated that the servers came back on the report because the IP address had changed on them.
We meet with the SAP Security team to discuss their submission forms and vulnerabilities. I emailed participants meeting notes after the meeting.
We meet with Jamison during out BASIS Cyber weekly meeting. We discussed items we are working on and that have been submitted.
I received notification that my PROD access was reinstated. I am checking all PROD access to make sure the account as reinstated, so far all access has been granted.
Meet with the Solutions team to discuss the August DEV bundle.
On Wednesday,
I was out of the office (ALL DAY)
On Thursday, Our Managing Risk Exception meeting was cancelled by David D.
Attended the Daily Stand up - Cyber Vulnerability for Jeff, he wanted me to report that he has finished all his comments for his user stories and awaiting Tim to comment on them.
Because of access limitations, I worked with the Solutions team to remediate Onapsis items (SAP_98660, SAP_94050, SAP_64550) in RS4.
Meet with Angelo and I meet with Jared to discuss running the Tivoli jobs in Ansible. During the meeting, it seems there are some items that still need to be ironed out so therefore we are going to revisit this on July 2
On Friday, During the Solution meeting we discussed the changes that they performed in RS4. I downloaded the Daily Onapsis scans so they can check to see if their items were off the Onapsis list. The vulnerability is no longer showing up in Onapsis so therefore it is remediated.
For SAP_101050, I couldn't find a role in RS4 using transaction SUIM that matched the su53 error I received in SPRO. After adding more authorization to my profile, I successfully performed the SPRO remediation and submitted a system-wide trace file to Sola to create the necessary role for RD4. I reran the RS4 scan in to check if my changes where remediated for SAP_101050, it was remediated in RS4.
I set up a meeting with Swati to discuss moving a previous transport associated to the new transport into PQ4. The transports are from two different QCIs. I am hoping from this meeting we can successfully import these items to continue successfully patching up the landscape.
I need to perform a clean up all the OKB-ID that part of the different AMO reports. Jeff suggested we have another AMO report for just the OKB-ID associated with RS4. The solutions team will provide me the list and I will send it to Larry to create the AMO report; thereby cleaning up the old ones from the other report that are no longer used.
PLANNED ACTIVITIES FOR NEXT WEEK Weekly meeting ;Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, Follow ups and POAM meetings
|
None |
| Margie Collins |
7/12/2024 |
Friday, July 12, 2024 |
Meet with Jared to talk about my Ansible experience (lesson learned) from the Saturday, July 6th maintenance window. We have reduced the POAMs by 120 since last week. On Tuesday, we met Larry and Paul and Security team to discuss 3 Exception submission regarding the GRC system. We will continue the discussion and submission write up. We will also need to talk with the Development team regarding adding authorizations to a vulnerability with their web dypros (restricting the s_start profile). Jeff submitted server request for the servers needed for the virus scan. We had a deep dive discussion regarding what vulnerabilities are left for the STIP5. I am also participating the Sprint Planning Cyber meetings for the Olympics projects. Meet with the PWS to discuss Exception submissions. |
na |
| Margie Collins |
7/5/2024 |
Friday, July 5, 2024 |
This week was shorter due to the 4th of July holiday on Thursday, July 4, and an additional day off on Friday, July 5, 2024. On Monday, I visited the Navy Facility Center to connect to the blue line for Windows updates and VPN application on my NMIC. Upon returning, we had our weekly merge call in the afternoon and reviewed the updated POAM numbers. We have reduced the POAMs by 600 since last week, bringing the total to 12,999. Please note that the 12,999 may represent multiple POAM items for a single server.
On Tuesday, we met with the Security team to discuss their vulnerabilities and to draft a SAP write Exception for "Authorization profile SAP_NEW is activated." Jeff incorporated the Security team's feedback into the form, and the Cyber team reviewed it for any additional required information. We also had a POC prep call with Bowbridge to discuss virus scans. During lunchtime, we met with Paul and Larry to address their questions regarding submitted forms.
Additionally, I performed pre-checks on the Ansible Controller and GitLab to ensure our Non-prod servers matched the Ansible group prior to OS maintenance on Saturday, July 6. I made updates to the groups to ensure everything was synchronized and also updated the host_var file on the GitLab server.
PLANNED ACTIVITIES FOR NEXT WEEK
" Running Ansible, BOBJ/BODS, etc during Non-Prod OS Maintenance, Saturday, July 6;Attend Weekly meeting ;Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings |
NA |
| Margie Collins |
7/1/2024 |
Friday, June 28, 2024 |
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
- Collaborated with Brittany, Sachin, and Swati (QCI 31140 - SAP-98960, SAP_100560, and 100960) to apply the transport of copy to FD4. Sachin successfully tested the transports in FT4 before reapplying the transport of copy to FD4. Additionally, I submitted a "Move to Q" form from our previous QCI29859 so that Swati could re-transport the prior transport before proceeding with the new transport from QCI 31140.
- Reviewed weekly POAM numbers to identify outstanding vulnerabilities for ACAS, Onapsis, Notes, STIGs, and WRAs.
- Conducted a daily STIG call to discuss outstanding STIGs due by Friday, June 28, 2024, with subject matter experts. As of Friday, June 28, all 62 CKL files were uploaded to their respective folders. I will review each CKL file to note any open items for completion or exception write-up. These files, along with trackers, were sent to James Campbell for further review of STIGs.
- Discussed rejected/outstanding submission forms with Paul and Larry to clarify their status and required actions. Larry scheduled a daily stand-up at noon to address these items.
- Held our weekly security meeting with the Security SMEs to discuss existing and new Onapsis items. We have two outstanding items that we plan to replicate in our system copy lab (RS4) in the coming weeks. I am requesting Onapsis All Module reports on these items for further replication in the lab. The security SME requested more direction on one of the OKBs we discussed today. I am gathering the necessary information. Once the vulnerability solution is completed in the lab, I will create a QCI to implement this solution across the landscape.
- Jeff and I met with the RMF team to discuss the best way for them to send us outstanding STIGs that need status updates. We suggested using a Teams spreadsheet for tracking, and they agreed, creating and distributing the link to the spreadsheet.
- The BASIS Cyber team met with SMEs to discuss their outstanding OS STIGs. We identified a commonality in the required remediations, specifically the addition of correct permissions to certain folders. We consulted with Jared to determine if this remediation could be automated using Ansible. He agreed and is exploring this solution.
- The BASIS Cyber team had the innovation team join our Merge call to discuss the BASIS Cyber workflow. This initial meeting provided a high-level overview of the Cyber team's activities.
- Attending our weekly Cyber meetings for our team and others.
- I postponed my trip to the Blue Line to review all CKL files before sending them to James. I have rescheduled the trip for next week.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
" Participate in the DEV Maintenance window, Saturday, June 28 at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
| Margie Collins |
6/21/2024 |
Friday, June 21, 2024 |
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
- The BASIS Cyber team requested the ECC system in the sandbox be restored from another ECC system to validate/test solutions for vulnerabilities provided to the SMEs.
- The BASIS Cyber team is now receiving email notifications from the PMW team that certain vulnerabilities have been sent to the FAO for review.
- The BASIS Cyber team is meeting and receiving email notifications from the PMW team regarding existing STIGs/CKL Vulnerability IDs. We will have a meeting to discuss better ways to collect these outstanding items for remediation and/or exception submission.
- Based on last week's BODs/BOBJ log4j finding, which was accepted as a false positive, Phong created new False Positive submission forms for the new server with the same vulnerabilities accepted by the PMW team. The BASIS Cyber team reviewed the form, made necessary updates, and emailed it to the PMW team for review and possible approval.
- Attended the Walkthrough Maintenance Window Template meeting to discuss potential updates to the template.
- Received updates from Jared regarding the new GITLAB CE server, including instructions on how to log in, change our password, and validate system access.
- Phong sent the BASIS Cyber team updates regarding decommissioned systems related to outstanding vulnerabilities, which can now be closed.
- During our STIP5 meeting, we discussed the STIP5+500 outstanding STIGs, which are almost complete. We are waiting on one SME to complete his STIGs by 6/28.
- I asked Jared to assist William (Bill) with his STIGs if he had the bandwidth.
- PMW meeting to discuss vulnerabilities.
- Daily STIG standup with SMEs to track their progress on their 3rd QTR Y24 STIGs. As of today, 31 out of 62 are completed by the SMEs. I also worked with William (Bill) P, showing him how to retrieve the STIG viewer and STGs from the http://cyber.mil website. We took screenshots and recorded the meeting for his future reference. He is now able to open the STIG viewer, install the STG, and create a new Application Server checklist for his assigned server.
- Contacted Mark G and Swati M to get updates on when the SAPUI5 patch transports will be released to the QA system to remediate the following SAP vulnerabilities: SAP-98960, SAP-100560, and SAP-100960. After informing the QCI that these transports required validation rather than testing, Mark released the transports to the QAS systems.
- Based on the updated weekly POAM report, I analyzed which vulnerabilities (ACAS, Onapsis, Notes, STIGs, and WRA) were still open from David D's STIP5 report. The ACAS POAMs from the STIP5 reports are now completed.
- Met with the BASIS Cyber team to review the STIG .ckl files and identify which of the 52 STIGs have outstanding items for remediation or exception submissions.
- The BASIS systems team received an email notification from Paul from the PMW team regarding his Stage 1 review decisions on exception/false positives we are tracking.
- Downloaded updated AMO reports to check if transports have reached the QAS systems.
- Logged into the new GitLab to verify access.
- Updated our trackers accordingly. |
NA |
| Margie Collins |
6/14/2024 |
Friday, June 14, 2024 |
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
" Weekly Vulnerability Team Review on Monday, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. T According to our current STIP5 POAM findings (ACAS: 0 out of 72 -Completed); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 55 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. Two Exceptions Accepted
" Submitted Exception Write up for PMW team to review, discussion and approval during the PMW weekly meetings.
" Kickoff meeting with SME to go over the 3rd QTR STIGs due 28 June 2024. Also, talked to SMEs about submitting their previous STIP+500 STIGs .ckl for submittal. Sent chats to SMEs regarding their STIGs for remediation. We are 60% completed, the rest STIGS are in progress.
" Working with Celeste to track the outstanding POAM notes due this month. She also have notes that can not be implemented so therefore we will create Exception forms for these transports. Discussed the SPAU transport with David Baker for remediation. Per David, the Cyber team can will be able to make the change.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
| Danny Collins |
6/11/2024 |
Friday, June 7, 2024 |
03 June 2024_SBA E2G Program Federal Contract Market Update: New Opportunities and Set-Asides
03 June 2024_Reviewed SEWP VI Presentation
03 June 2024_NASA SEWP VI: How to Win Webinar - Your Guide to Mastering the RFP Process
04 June 2024_Sources Sought: Internal Revenue Service (IRS) Software Portfolio Management
04 June 2024_ SEWP VI Update
05 June 2024_LUNCH & LEARN WITH GSA: UNDERSTANING MARKET RESEARCH AND SOURCES SOUGHT
05 June 2024_SBA Empower to Grow (E2G) Master Class: GSA STARS III - Prime Empowerment Workshop
05 June 2024_Digitize Your Government Contracting Business Development (BD) Process
06 June 2024_Q2 Deltek GovWin IQ Customer Town Hall
|
No |
| Margie Collins |
6/6/2024 |
Friday, June 7, 2024 |
Charge Code 1 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5F49
How many hours did you charge on the charge code above? *
46
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
- Biweekly meetings with SMEs to discuss 3rd Qtr YR24 STIGs due June 28, 2024. James Campbell replaced Al Willis as STIG POC. I will forward all previous updates sent to sent to Al to James which are mislabeled STIGs that need to be updated.
- Checked .ckl files by STIG viewer
- Conducted a POAM weekly analysis with the Cyber team to update the POAM numbers for the upcoming meeting. The POAM numbers have decreased to 13,650 line items.
- Closed Task from Non-PROD SCOR from the maintenance on June 1, 2024
- Discussed the PROD Cyber SCOR which will go in this weekend
- Write up meeting to discuss outstanding and upcoming write ups
- Meet with the Security team to discuss two OKB-ID that will need to be remediated.
- Worked with Swati to get SAPUI5 to get transports in UT systems (Done). Swati will talk to gov't about putting transports into QA since there is not RTP for these type of transports.
- STIP5 and STIP5+500 meetings to discuss what is outstanding. We are currently done with ACAS and most of the Onapsis, working with Celeste to complete the STIP500 outstanding notes.
- PMW team did not have any submission forms to review with the Cyber team. There are currently +18 forms that we have sent to PMW for review.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js& |
Non |
| Margie Collins |
5/24/2024 |
Friday, May 24, 2024 |
Meeting with Cyber team to talk about weekly vulnerabilities (no log4j vulnerabilities); The PEO MLB Technical Director Office selected the Cyber Vulnerabilities Power App project as the Winner for 2024 Innovation Showcase; There were total of 22 total submissions across five portfolios, front office and TDO; Met with Sameer and team to discuss the Annual System Password Change (we will met once a week) for system users; Calculated the number of POAMs based on our weekly eMASS POAM report. The POAM numbers are steadily decreasing; Discussed open POAM NOTEs with Celeste and Dan updates on remediation. Talked with Marcin and team regarding Process improvements to the form for "Rework" items. This was added to their form; Wrote up Exception Submissions for STIG and Security vulnerabilities. Discussed 3rd QTR and STIG+500 STIGs with SMEs; Tracking overall submissions submitted to PMW team; Walkthrough Maintenance meeting to discuss the 5/26/2024 DEV maintenance; Provided the SOP for Terminated users for STIG Exception submission (Brian will need to add information to this STIG to remediate this effort); Sachin completed updating the SAPUI5 upgrade in DEV to resolve the SAP_98960, SAP_100560 and SAP_100960 which are the 3 SAPUI5-related Findings; Meeting with Jared to discuss my Ansible responsibility for the 25 May 24 maintenance; Went to Navy base to connect to blue line to perform updates on NMIC (24 May 24)
|
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" DEV maintenance with Ansible responsibility on Saturday, 25 MAY 24 at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js& |
| Margie Collins |
5/17/2024 |
Friday, May 17, 2024 |
PLANNED ACTIVITIES FOR THIS WEEK
" Weekly Vulnerability Team Review on Monday,5/6, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. T According to our current STIP5 POAM findings (ACAS: 2 out of 72 open should be remediated during PROD maintenance 4/13); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 5/16, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. Sent our Submission list to Paul to compare what he has received and what we have sent.
" Submitted Exception Write up for PMW team to review, discussion and approval during the PMW weekly meetings.
" Kickoff meeting with SME to go over the 3rd QTR STIGs due 28 June 2024. Also, talked to SMEs about submitting their previous STIP+500 STIGs .ckl for submittal. Sent emails to SMEs regarding their STIGs for remediation.
" Working with Celeste to track the outstanding POAM notes due this month. She also have notes that can not be implemented so therefore we will create Exception forms for these transports. Discussed the SPAU transport with David Baker for remediation.
" Working sessions with the Cyber Augment team to discuss the vulnerability IDs they are responsible for.
PLANNED ACTIVITIES FOR NEXT WEEK
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
| Danny Collins |
5/17/2024 |
Friday, May 17, 2024 |
13 May 2024_Top Contract Vehicles for 8(a) Small Business Contractors
14 May 2024_How to build Relationships with Federal Buyers
15 May 2024_Top Army Opportunities in 2024
16 May 2024_How to Create an Elevator Pitch for Small Business Government Contractors
16 May 2024_How to Create a LinkedIn B2B Marketing Strategy for Your Business
17 May 2024_Top key performance indicators (KPIs) for Small Business Government Contracting Success
|
NA |
| Margie Collins |
5/10/2024 |
Friday, May 10, 2024 |
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
PLANNED ACTIVITIES FOR THIS WEEK
" Continued the QCI 31140 process for SAP Fiori patch to rectify 3 OKB-ID vulnerabilities, Charm 73974 created for transports. Created DEV SCOR 101019174 for authorization to work in DEV. This was approved. Transports were created for Sachin. Sachin will create a ticket to have the System open to apply the patch.
" Weekly Vulnerability Team Review on Monday,5/6, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. This week, we did not receive the latest POAM BASIS report from PMW 220; therefore, all POAM number using numbers from previous week., the current list of POAM has gone down to 14,707. According to our current STIP5 POAM findings (ACAS: 2 out of 72 open should be remediated during PROD maintenance 4/13); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 5/9, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. Sent our Submission list to Paul to compare what he has received and what we have sent.
" Submitted Exception Write up for PMW team to review, discussion and approval during the PMW weekly meetings.
" Kickoff meeting with SME to go over the 3rd QTR STIGs due 28 June 2024. Also, talked to SMEs about submitting their previous STIP+500 STIGs .ckl for submittal. Sent emails to SMEs regarding their STIGs for remediation.
" Working with Celeste to track the outstanding POAM notes due this month. She also have notes that can not be implemented so therefore we will create Exception forms for these transports. Discussed the SPAU transport with David Baker for remediation.
" Working sessions with the Cyber Augment team to discuss the vulnerability IDs they are responsible for.
" Weekly Olympics Proposal to discuss our process. This was submitted for review and possible Award to the committee on May 6, 2024.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
Did you log into Program Tools and/or SAP Systems to avoid User ID Expiration or Termination?
Yes
Did you log into your NMCI machine or your virtual desktop this week? *
Yes
Do you have a Navy laptop/NMCI laptop?
Yes
When is the last time you connected your NMCI machine to the NMCI network (went to a base) and completed all the security update requirements? MM/DD/YYYY
Enter Date MM/DD/YYYY -- 04/12/2024
Do you have NVD?
Yes
When is the last time you confirmed your NMCI account via this link?https://deployables4.nadsuswe.nads.navy.mil/DMT
Enter the date -- 05/10/2024 |
NA |
| Danny Collins |
5/6/2024 |
Friday, May 3, 2024 |
NA |
NA |
| Margie Collins |
5/3/2024 |
Friday, May 3, 2024 |
Charge Code 1 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5F49
How many hours did you charge on the charge code above? *
40
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
PLANNED ACTIVITIES FOR THIS WEEK
" Continued the QCI process for SAP Fiori patch to rectify 3 OKB-ID vulnerabilities by submitting the "Requesting Authorization for work" and requesting a "Charm Request".
" Weekly Vulnerability Team Review on Monday,4/29, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. This week, we did not receive the latest POAM BASIS report from PMW 220; therefore, all POAM number using numbers from previous week., the current list of POAM has gone down to 14,707. According to our current STIP5 POAM findings (ACAS: 2 out of 72 open should be remediated during PROD maintenance 4/13); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 4/25, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. Multiple Exceptions ACCEPTED
" Submitted Exception Write up for PMW team to review, discussion and approval during the PMW weekly meetings.
" Kickoff meeting with SME to go over the 3rd QTR STIGs due 28 June 2024. Also, talked to SMEs about submitting their previous STIP+500 STIGs .ckl for submittal.
" We compared our BASIS Cyber Submitted forms we submitted to PMW with the list The PMW team gave us to see what are the discrepancy. Right now, the PMW team does not have a way to show us the complete list online so we have to ask for our audit purposes. We have asked for a PMW shared folder so we collaborate the forms we submit to them.
" Working with Celeste to track the outstanding POAM notes due this month. She also have notes that can not be implemented so therefore we will create Exception forms for these transports. There are SPAU transports that I need to follow up with David Baker.
" Working sessions with the Cyber Augment team to discuss the vulnerability IDs they are responsible for.
" Weekly Olympics Proposal to discuss our process. Jeff made a lot of updates to this document, this due on Monday, May 6.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" NON-PROD maintenance on Saturday, 4 May at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
Did you log into Program Tools and/or SAP Systems to avoid User ID Expiration or Termination?
Yes
Did you log into your NMCI machine or your virtual desktop this week? *
Yes
Do you have a Navy laptop/NMCI laptop?
Yes
When is the last time you connected your NMCI machine to the NMCI network (went to a base) and completed all the security update requirements? MM/DD/YYYY
Enter Date MM/DD/YYYY -- 04/12/2024
Do you have NVD?
Yes
When is the last time you confirmed your NMCI account via this link?https://deployables4.nadsuswe.nads.navy.mil/DMT
Enter the date -- 04/22/2024
Embedded Data
Company IT Partners Inc.
RecipientEmail margie.collins@itpfed.com
RecipientFirstName Margie
RecipientLastName Collins
TDL NETSS Technical Support
Team/Role Technical - Basis
Timecard Approver Shahid Khan
Timecard Approver Emails Shahid.Khan@ibm.com
|
NA |
| Danny Collins |
4/26/2024 |
Friday, April 26, 2024 |
22 April 2024 - �SAM.Gov Master Class| Understand How Federal Buyers Communicate with Industry"
22 April 2024 - �Opportunity Identification for Government Contracting�
22 April 2024 � Worked on SBA E2G (7J) Program Bidspeed Website
23 April 2024 � �Win more federal contracts with proven capture steps�
23 April 2024 � �SBA E2G Program Federal Contract Market Update: New Opportunities and Set-Asides�
23 April 2024 � �Worked on SBA E2G Program Bidspeed Website� Reviewed
24 April 2024 � �Reviewed DOL TENS TAP Proposal�
24 April 2024 � �Worked on Elgia CMMC Environment Submission�
24 Apr 2024 � �Top ways to use AI for government contractors to stay relevant�
24 April 2024 � �DOD SkillBridge Program - New Partner Application Process
25 April 2024 � �Loudoun Gov Con: Shred Q3 to Win Q4�
25 April 2024 � �Deltek Costpoint Live Overview & Demo� (11 am)
25 April 2024 � �How to Win Contracts and Grow Your Contracts with White Papers�
26 April 2024 � �Business Development and Capture Efforts for 1st SBC Solutions Joint Venture�
|
NA |
| Danny Collins |
4/19/2024 |
Friday, April 19, 2024 |
15 April 2024 - �Stop Calling SBLOs | Do This Instead to Subcontract with Large Primes"
16 April 2024 - �Federal Solicitations and Proposal Management, Creating a Proposal Library�
17 April 2024 � Reviewed and provided comment on DOL VETS TAP System Draft Proposal
17 April 2024 � Participated in meeting with Elgia about CMMC environment they have provided for Bridgecross LLC.
18 Apr 2024 - How to Subcontract with Large Prime Government Contractors
19 April 2024 - #1 Thing That Will Make You Better Than 99% of Government Contractors
|
NA |
| Margie Collins |
4/19/2024 |
Friday, April 19, 2024 |
Weekly Vulnerability Team Review on Monday,4/15, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. This week, we received the latest POAM BASIS report from PMW 220 on 4/15, the current list of POAM continues to go down. We are currently still tracking current STIP5 POAM findings (ACAS: 2 out of 72 open should be remediated during PROD maintenance 4/20); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 4/18, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. No updates to report.
" Assisted in running Ansible during the PRD maintenance for ABAP/Java shutdown and startup on Saturday, 4/13 - Sunday, 4/14. Assisted in shutting down Database systems for the PROD maintenance.
" Working sessions with the Cyber Augment team to discuss the vulnerability IDs they are responsible for.
" Weekly Olympics Proposal to discuss our process. Jeff made a lot of updates to this document.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
" Esculation Manager (Saturday, 4/20 - Friday, 4/26.
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
| Danny Collins |
4/13/2024 |
Friday, April 12, 2024 |
08 April 2024 - �How Federal Buyers Find Small Business Vendors "
08 April 2024 - �End of Year Spending Plan for Government Contractors"
09 April 2024 - �Federal Solicitations and Proposal Management: 7 Cs of Good Proposal Writing�
10 April 2024 - �How to Attract Federal Buyers with a LinkedIn Newsletter"
11 April 2024 - �How I Find Opportunities for My Federal Sales Pipeline�
12 April 2024 - �Top Tasks for Federal Business Developers�
|
NA |
| Margie Collins |
4/12/2024 |
Friday, April 12, 2024 |
Charge Code 1 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5BV1
How many hours did you charge on the charge code above? *
46
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
PLANNED ACTIVITIES FOR THIS WEEK
" Weekly Vulnerability Team Review on Monday,4/8, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. This week, we received the latest POAM BASIS report from PMW 220 on 4/3, the current list of POAM has gone down to 14,707. According to our current STIP5 POAM findings (ACAS: 2 out of 72 open should be remediated during PROD maintenance 4/13); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 4/11, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. 1 Onapsis vulnerablities were ACCEPTED (2 False Positive).
The BASIS Cyber team are reviewing Paul and Larry's vulnerability submission list's to what we have to ensure we are tracking the same Onapsis and ACAS submissions. We will meet with them to discuss some outstanding forms that need more information. We will call the SMEs into this disucssion as well.
" Ansible HA maintenance on 4/10 with Jared, shutdown DEV GITLAB, DEV Ansible Hub, DEV Ansible Controller, PROD Ansible Hub and PROD Ansible Controller
" Cyber Team are meeting with
" Working sessions with the Cyber Augment team to discuss the vulnerability IDs they are responsble for.
" Weekly Olympics Proposal to discuss our process. Jeff made a lot of updates to this document.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" PROD maintenance on 4/13 at 5 PM (PROD startup only)
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
Did you log into Program Tools and/or SAP Systems to avoid User ID Expiration or Termination?
Yes
Did you log into your NMCI machine or your virtual desktop this week? *
Yes
Do you have a Navy laptop/NMCI laptop?
Yes
When is the last time you connected your NMCI machine to the NMCI network (went to a base) and completed all the security update requirements? MM/DD/YYYY
Enter Date MM/DD/YYYY -- 03/28/2024
|
NA |
| Danny Collins |
4/8/2024 |
Friday, April 5, 2024 |
01 April 2024 - �How to Find Contracting Officers that Sole Source to 8(a) Firms"
01 April 2024 - �Get Federal Buyers to Call You!"
02 April 2024 - �Federal Solicitations and Proposal Management: 7 Cs of Good Proposal Writing�
02 April 2024 - �How to Grow from $1M to $4M in Government Contracts"
02 April 2024 - �How to find Great Teaming Partners for Federal Contracting�
03 April 2024 - �Level 2 An AI Workshop for Small Businesses�
03 April 2024 � �Reviewed the PWS RFQ for TAPS TENS�
04 April 2024 � �Unleash the Power of Teaming for Government Contracts! (Without Violating Small Business Rules)�
04 April 2024 - Doing Business with the U.S. Department of Education
|
N/A |
| Margie Collins |
4/5/2024 |
Friday, April 5, 2024 |
PLANNED ACTIVITIES FOR THIS WEEK
" Weekly Vulnerability Team Review on Monday,4/1, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber. This week, we received the latest POAM BASIS report from PMW 220 on 4/3, the current list of POAM has gone down to 14,743. According to our current STIP5 POAM findings (ACAS: 2 out of 72 open); (Onapsis: 19 out of 98 are open); NOTEs (116 out of 162 are open); SV (1 out of 52 are open); WRA (Completed), these numbers are from our AAG tracker. We are tracking the STIP5+500 STIGs, as of date, there are a total of 517 Application STIGs (203 Complete, 229 In progress, 22 Decommissioned, 63 Exception Needs Submitted); there are a total of 60 Operating Systems STIGs (55 Completed and 3 In Progress). Weekly Mandatory CAT 1 Review on Thursday, 4/4, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. 1 Onapsis vulnerablities were ACCEPTED (3 Exception and 1 False Positive).
The BASIS Cyber team are reviewing Paul and Larry's vulnerability submission list's to what we have to ensure we are tracking the same Onapsis and ACAS submissions. We will meet with them to discuss some outstanding forms that need more information. We will call the SMEs into this disucssion as well.
" Ansible meeting with Jared and Angelo to create .yml database files for the Ansible script in the GetLab server. Also to run the status script on these servers. Also, discussed the Ansible scripts for Non-prod
PLANNED ACTIVITIES FOR NEXT WEEK
" Non-PROD maintenance on 4/6 at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js& |
NA |
| Danny Collins |
3/31/2024 |
Friday, March 29, 2024 |
25 March 2024 - �SBA E2G Program Federal Contract Update"
26 March 2024 - �Top Contract Vehicles for Government Contractors"
26 March 2024 - �Top 10 Things Small Businesses Should Be Doing to Work With BAE�
26 March 2024 - �How Should I Respond to RFIs
26 March 2024 - �Top 3 Things Every Contractor Must Do Daily"
26 March 2024 - �How to Grow From $1M to $4M in Government Contracting as an 8(a)�
27 March 2024 - �How to find Contracting Officers e Sole Source to 8(a) Businesses"
27 March 2024 � �Topic: Finding Expiring Contracts�
27 March 2024 � �Federal Contracting: You Should Pursue Contracts or Subcontract to Grow �
28 March 2024 - �Leveraging AI for Business Growth" - Maryland MBDA
|
No |
| Margie Collins |
3/29/2024 |
Friday, March 29, 2024 |
First and Last Name
Margie Collins
As a Team Member on the Navy NETSS Program - did you expend hours on the program this week? *
Yes
Charge Code 1 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5BV1
How many hours did you charge on the charge code above? *
40
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
PLANNED ACTIVITIES FOR THIS WEEK
" Attended Biweekly Basis meetings (Monday, 3/25 and Thursday, 3/28)
" Attended Navy ERP - SCOR call (when applicable)
" Weekly Vulnerability Team Review on Monday,3/25, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber.
" Weekly Cyber Team Review meetings (Jeff Filia) on to discuss highlights of what is needed this week before Friday.
" Daily STIG meeting to discuss outstanding STIGs with SMEs that are due on Friday, March 29. We also discussed Navy ERP Computing Cloud STIG with Jon Jordon, he is currently reviewing this STIG and will send updates to Alfred Willis. Alfred was sent a link to the remaining STIGs that are due today, March 29.
" Weekly Onapsis Findings/Support Call on Tuesday, 3/26 with Larry Schmits and Onapsis team to discuss Onapsis OKB items (new and outstanding).
" Weekly SAP Security OKB-ID Vulnerability meetings on Tuesday, 3/26 with the SAP Security team to discuss their outstanding Security vulnerabilities to be rectified or sent in for Exceptions or False Positives. We also viewed multiple Onapsis reports to dive in more of what is needed for each vulnerability. As of today, Security have completed their actions needed on the outstanding vulnerabilities. BASIS has actions to complete regarding these vulnerabilities and then Exceptions will be created if applicable.
" Weekly discussion on our STIP5 tracker to discuss what ACAS, Onapsis, SV and Notes. We are very closed to completing the STIP5 list. We also talked to SEMs about their outstanding STIP5+500 STIG list.
" Weekly Mandatory CAT 1 Review on Thursday, 3/28, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. 4 Onapsis vulnerablities were ACCEPTED (3 Exception and 1 False Positive)
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" DEV maintenance on 3/30 at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
Did you log into Program Tools and/or SAP Systems to avoid User ID Expiration or Termination?
Yes
Did you log into your NMCI machine or your virtual desktop this week? *
Yes
Do you have a Navy laptop/NMCI laptop?
Yes
When is the last time you connected your NMCI machine to the NMCI network (went to a base) and completed all the security update requirements? MM/DD/YYYY
Enter Date MM/DD/YYYY -- 03/28/2024
Do you have NVD?
Yes
When is the last time you confirmed your NMCI account via this link?https://deployables4.nadsuswe.nads.navy.mil/DMT
Enter the date -- 03/11/2024
Embedded Data
Company IT Partners Inc.
RecipientEmail margie.collins@itpfed.com
RecipientFirstName Margie
RecipientLastName Collins
TDL NETSS Technical Support
Team/Role Technical - Basis
Timecard Approver Shahid Khan
Timecard Approver Emails Shahid.Khan@ibm.com
|
NA |
| Danny Collins |
3/22/2024 |
Friday, March 22, 2024 |
20 March 2024 � �SBA E2G Program Federal Contract Update"
21 March 2024 � �Introduction to FEDRAMP"
21 March 2024 � �Breaking Down the FY2025 Federal Budget"
21 March 2024 - Small Business Webinar "Doing Business with GSA"
22 March 2024 � �What is AI's Role in Government Contracting?�
22 March 2024 � �How to Get Federal Buyers to Take Your Call�
|
NA |
| Margie Collins |
3/22/2024 |
Friday, March 22, 2024 |
PLANNED ACTIVITIES FOR THIS WEEK
CAC issues: I am having issues connecting to the Onapsis website sighting CAC issues when trying to access the site (This seems to be based on the root cert is not configured for root 6. I spoke with Paul and Larry this week regarding this issue. Unfortunately, the Onapsis platform is not configured to accept multiple certs. They have put in a ticket to Onapsis and additional help from the Bounty team.
" Attended Biweekly Basis meetings (Monday, 3/18 and Thursday, 3/21)
" Attended Navy ERP - SCOR call (when applicable)
" Weekly Vulnerability Team Review on Monday, 10/18, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber.
" Weekly Cyber Team Review meetings (Jeff Filia) on to discuss highlights of what is needed this week before Friday.
" Weekly STIG meeting to discuss outstanding STIGs with SMEs that are due on Friday, March 29. We are having a daily Standups with the SMEs.
" Weekly SAP Security OKB-ID Vulnerability meetings on Tuesday, 3/19 with the SAP Security team to discuss their outstanding Security vulnerabilities to be rectified or sent in for Exceptions or False Positives. As of today, Security have completed their actions needed on the outstanding vulnerabilities. The BASIS Augment team will complete the rest of the actions needed to rectify these vulnerabilities.
" Weekly BASIS Cyber Weekly Sync with Mike, Jeff, and Stephen to discuss vulnerabilities on Thursday, 10/19. Mike did not attend so we had a meeting with Stephen during the meeting.
" Weekly discussion on our STIP5 tracker to discuss what ACAS, Onapsis, SV and Notes. We are very closed to completing the STIP5 list. We also talked to SEMs about their outstanding STIP5+500 STIG list.
" Weekly Mandatory CAT 1 Review on Thursday, 3/21, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with PMW group regarding our False Positive/Exception/Exclusion submissions. SAP_2480 Exception was ACCEPTED, SAP_55350 Exception was ACCEPTED and SAP_34250 Exception has been ACCEPTED.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
PLANNED ACTIVITIES FOR NEXT WEEK
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
| Danny Collins |
3/20/2024 |
Friday, March 15, 2024 |
11 Mar 24 - The 2 Biggest Mistakes Keeping Federal Buyers From Finding You
12 Mar 24 - 10 Steps to Increase Your PWin for Government Contractors
12 Mar 24 - Data Mining the Federal Contracting Resources
13 Mar 24 - How Government Contractors Can Join More Teams Using These 2 LinkedIn Tips
14 Mar 24 - Biggest Mistakes Government Contractors Make That Keep Them under 1M per yr
15 Mar 24 - How to Grow By $1M ARR in 90 Days for Government Contractors |
NA |
| Margie Collins |
3/15/2024 |
Friday, March 15, 2024 |
PLANNED ACTIVITIES FOR THIS WEEK
" Went to the Navy Yard to connect GFE to Blue line for updates to the computer. Updates were successful. CAC issues: I am having issues connecting to the Onapsis website sighting CAC issues when trying to access the site. I called the Help Desk regarding this issue (SDW17239137). Per conversation with the Help Desk today, they advise me to speak to the Onapsis administrator (Larry) to update my CERT on the site. I will contact Larry on Monday regarding this.
" Attended Biweekly Basis meetings (Monday, 3/12 and Thursday, 3/15)
" Attended Navy ERP - SCOR call (when applicable)
" Weekly Vulnerability Team Review on Monday, 10/16, to discuss vulnerability statuses to include log4j v2. No log4j for BASIS Cyber.
" Weekly Cyber Team Review meetings (Jeff Filia) on to discuss highlights of what is needed this week before Friday.
" Weekly STIG meeting to discuss outstanding STIGs with SMEs that are due on Friday, March 29. I also sent out emails regarding STATUS as well. I will schedule Daily standups starting next Monday to gather statuses until the 29 MAR 24. There are currently 46 STIGs request that we received from Alfred. As of today, 6 are completed, 11 NA (4 belong to Datacenter, 6 are Exceptions, 1 with no software to STIG) and 29 that in Progress.
" Weekly Onapsis Findings/Support Call on Tuesday, 3/13 with Larry Schmits and Onapsis team to discuss Onapsis OKB items (new and outstanding).
" Weekly SAP Security OKB-ID Vulnerability meetings on Tuesday, 3/13 with the SAP Security team to discuss their outstanding Security vulnerabilities to be rectified or sent in for Exceptions or False Positives. We also viewed multiple Onapsis reports to dive in more of what is needed for each vulnerability. As of today, Security have completed their actions needed on the outstanding vulnerabilities. BASIS has actions to complete regarding these vulnerabilities and then Exceptions will be created if applicable.
" Weekly BASIS Cyber Weekly Sync with Mike, Jeff, and Stephen to discuss vulnerabilities on Thursday, 10/19. Mike did not attend so we had a meeting with Stephen during the meeting.
" Weekly discussion on our STIP5 tracker to discuss what ACAS, Onapsis, SV and Notes. We are very closed to completing the STIP5 list. We also talked to SEMs about their outstanding STIP5+500 STIG list.
" Weekly Mandatory CAT 1 Review on Thursday, 3/14, to discuss mandatory vulnerabilities with SMEs.
" Exception/False Positive ACAS/Onapsis/Notes meeting with Marcin's group. SAP_3660 was ACCEPTED as a False Positive (ACL item). Per Onapsis, SAP_99660 is no longer a vulnerability so our SAP_99660 was ACCEPTED as a False Positive item.
PLANNED ACTIVITIES FOR NEXT WEEK
" Working the April 2024 BASIS Cyber Bundle.
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
None |
| Margie Collins |
3/8/2024 |
Friday, March 8, 2024 |
Charge Code 1 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5BVF
How many hours did you charge on the charge code above? *
18
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
Saturday, March 2, 2023 and Sunday, March 3, 2023 - Production System Monitoring (0700 � 1400)
Saturday, March 2, 2023- Non-PROD maintenance (0600 � 1600)
Did you use additional charge codes this week? *
Yes
Charge Code 2 - What charge code did you use this week? (Please insert only one charge code in the box below. There will be identical pages in the survey to add additional charge codes.) *
5BV1
How many hours did you charge on the charge code above? *
32
What tasks did you work on this week for the charge code above? Please list the significant milestones and/or progress. If applicable, please include specific progress on tickets worked. (Do not use bullets or dashes when listing your tasks. Use commas if needed). *
I received my new CAC went to NSF to connect to connect to blue line on Monday, March 4. I immediately received an untrusted certification error upon logging on with new CAC. After troubleshooting and going back to the CAC office, it was later revealed to us this was a wide area issue with the new CAC's issued today. This is my helpdesk ticket regarding this issue (SDW17239137). The root cause of this issue is the root certificates was not installed on the laptops and internal systems and sites. The probably was evenly resolved later in the week with some lingering issues like I could not connect to CVAD and Remote Desktop after the root certificate issue was resolved. I did what I could with the lack of access by attending meetings. Once I was able to have a more access. I updated trackers, comminated with SMEs and sent emails as usual. I will go back to the Navy Yard to connect my GFE to the blue line to resolve other issues.
Did you use additional charge codes this week? *
No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks) *
Monday, March 11, go to Navy Yard to connect GFE to download certs and updates on to the GFE; Attend Weekly meeting: Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings. Update DC/STIP5/500+ STIGs with SMEs. Update trackers and send SMEs email reminders about their assignments.
|
New CAC issues (Root Certs) |
| Danny Collins |
3/8/2024 |
Friday, March 8, 2024 |
Attended:
4 March 24 - Virginia APEX Accelerator Webinar: CMMC Scope
5 March 24 - Win More Women-Owned Contracts in 2024
6 March 24 - Identifying the flow of CUIU.S. Small Business Administration-Empower to Grow (E2G): Searching New State and Local Bid Opportunities Webinar |
NA |
| Margie Collins |
2/28/2024 |
Thursday, February 29, 2024 |
test |
test |
| Margie Collins |
2/23/2024 |
Friday, February 23, 2024 |
a. Weekly BASIS Cyber Team meetings to discuss highlights of what is needed this week before Friday which were the following items: Go to SCOR to get DEV the MARCH Cyber bundles approved. Continue to work with team to normalize the new Combined AAG tracker.. Meet with SMEs to discuss their Weekly FY24 Q2 which are due on 29 March 2024. I am updating progress in our STIG tracker. The STIGs that were not applicable to the BASIS Cyber team was sent back to Alfred to report updates to him. We are currently tracking 46 Application STIGs (37 and 5 (Not BASIS or No application to STIG)). There were 6 items lists on the Managing Risk Exceptions Meeting agenda. I sent a message to Marcin asking if we could create a shared folder to view the items prior to the meeting. This was no accepted by Marcin. The 6 items were approved. The files are now sent using the DoD SAFE process because a lot of Marcin's team does not have NVD. Meet with Cyber Augment team regarding their progress with Sameer's items. Based on the analysis, most of the items from Sameer's list will be either False Positive or Exceptions. Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs; Weekly Vulnerability Team Review- No log4j remediation this week. Ansible Review meeting with Jared to start being an alternate to run Ansible during weekend maintenance. I have an upcoming CAC appointment to renew my CAC. I received additional information from Kelly on how to go to the 701 S courthouse Road, Arlington, VA location to connect to blue line after renewing my CAC. |
VPN issues |
| Margie Collins |
2/16/2024 |
Friday, February 16, 2024 |
Charge Code 1
" Charge Code: 5BVF
" Number of Hours: 18
" Tasks: PROD Monitoring
" Additional Charge Codes Used: Yes
Charge Code 2
" Charge Code: 5BV1
" Number of Hours: 32
" Tasks: PLANNED ACTIVITIES FOR THIS WEEK
Weekly BASIS Cyber Team meetings to discuss highlights of what is needed this week before Friday which were the following items: Start working on Cyber bundles for the March DEV SCOR for ACAS and ONAPSIS vulnerabilities. We are continuing to normalize the new Combined AAG tracker. Worked with Tim to create comparison columns to make sure the Vulnerability IDs and Status in the Combined Master sheet matches all other trackers in the AAG tracker. Created a AAG column spreadsheet to discuss what columns are important or still needed in the trackers. Tim used this spreadsheet to create an AAG normalization chart. This will be useful as we continue to work on the flow of tracking the vulnerabilities. Started the Weekly FY24 Q2 STIGs meeting with SMEs to discuss their STIGs due 29 March 2024. We are currently tracking 46 Application STIGs (37 and 5 (Not BASIS or No application to STIG)). There were 5 items list on the Managing Risk Exceptions Meeting agenda. We submitted 6 additional submissions that will ask to be added to the Navy Cyber agenda next week. The files are now sent using the DoD SAFE process because a lot of Marcin's team does not have NVD. Created an SCOR for the CyberArk user which was approved based on SAP_19480 which was approved last week. Meet with Cyber Augment team regarding their progress with Sameer's items. Based on the analysis, most of their items from Sameer's list will be either False Positive or Exceptions. Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs; Weekly Vulnerability Team Review- No log4j remediation this week. Meet with Jared to have an Ansible Review. Per Tom, he would like me to run Ansible during our weekly maintenance. I will have follow-up meeting with Jared to continue to gain the knowledge. I have a CAC appointment on Friday, February 16 to renew my CAC.
" Additional Charge Codes Used: No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks):
PLANNED ACTIVITIES FOR NEXT WEEK
" Saturday, February 16 and Sunday, February 17 - Monitoring 7AM-4PM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
None |
| Margie Collins |
2/8/2024 |
Friday, February 9, 2024 |
" Charge Code: 5BV1
" Number of Hours: 40
" Tasks: PLANNED ACTIVITIES FOR THIS WEEK
" Weekly BASIS Cyber Team meetings to discuss highlights of what is needed this week before Friday which were the following items: Cyber bundles for the PROD SCOR this weekend for ACAS and ONAPSIS vulnerabilities. We trimmed down the AAG by getting rid of unused tabs from the AAG tracker. We moved existing trackers (CAT1, Submission, STIP5, and Security tracker) to AAG to improve managing the vulnerabilities across the trackers. The AAG will be the one stop tracker for track these vulnerabilities. Multiple Write ups which needed submitted and/or resubmitted to the Navy Cyber team. We were able to review 6 submissions with 5-6 being approved. I received my NVD access this week. Because of the ongoing VPN issue, I needed to resend submission forms through the DoD SAFE process. We submitted 6 additional submissions that will ask to add to the Navy Cyber agenda next week. We received exciting news of our Exclusion submission approved for STANDARD users and for the CyberArk user. BASIS meeting with Tom to discuss efforts to SNC 3.0 - SAP Single Sign on solutions. Meet with Cyber Augment team regarding their progress with Sameer's items. Based on the analysis, most of their items from Sameer's list will be either False Positive or Exceptions. Raj cancelled their meeting with us.
Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs; Weekly Vulnerability Team Review- No log4j remediation this week.
" Additional Charge Codes Used: No
|
PLANNED ACTIVITIES FOR NEXT WEEK
" Saturday, February 10 and Sunday, February 11 - Monitoring 7AM-4PM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
| Margie Collins |
2/1/2024 |
Wednesday, January 31, 2024 |
" Charge Code: 5BV1
" Number of Hours: 40
" Tasks: VPN Issues this week hampered our ability to log on to TEAMS and Desktop Outlooks; thereby, not allowing us to download files from the TEAM browser/ Outlook browser. We were not able to view large files from the browser and thereby not allowing us to access these files on the Microsoft Office software because of the VPN restrictions.
The connection is sometimes slow and times out. There was a delay in getting our weekly Onapsis, POAM and ACAS files which is used to get status on outstanding vulnerabilities for the weekly merge. We manipulate a lot of data from large files so the VPN issue has been a challenge to get items down immediately. We used workaround as much as possible. We are also attempting to use the remote desktop but because of the number of personnel using this as well, the connection is slow or times out.
During the workaround, we were able to do our normal weekly items of Vulnerability meetings, STIP5, CAT1 and Exception Meeting. We were able to send in Exception form for Exception meeting. We discussed 5 items during the meeting. Two of the items needs to be transferred to the new form and the other one needs to be updated as False positive. We sent back form for further discussions. Worked with Swati to complete the outstanding OKB-ID transported to noted SIDs. Meeting with Cyber Augment group to go through their OKB items. Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs; Weekly Vulnerability Team Review- No log4j remediation this week.
PLANNED ACTIVITIES FOR NEXT WEEK
" Saturday, February 02 Non-prod maintenance at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
VPN issues |
| Margie Collins |
1/26/2024 |
Friday, January 26, 2024 |
Charge Code 1
" Charge Code: 5BV1
" Number of Hours: 40
" Tasks: PLANNED ACTIVITIES FOR THIS WEEK
Weekly BASIS Cyber Team meetings to discuss highlights of what is needed this week before Friday which were the following items: Cyber bundles for the DEV SCOR this weekend (4 items for DEV). Worked with Swati to get the 2 out of 3 transports into SIDs for outstanding POAM vulnerability. Started talking to DC about the 1stQTR 2024 STIGs due soon. Worked on the STIP500 DC STIGS for analysis by BASIS Cyber team; Meeting with Raj on some of the items he has been doing in efforts of our Data Management; Analyses the POAM numbers for the POAM vulnerability call with the NAVY; Discussed vulnerabilities with Navy Security team, there are three items we need to update, one items that got ACCEPTED, tracking the REJECTED/ACCEPTED form through spreadsheet; Meet with Cyber Augment team to find out how they are progress with assigned items they received from Jeff (Sameer items due in March); SAP Security meeting to discuss their outstanding SAP Security vulnerabilities; SAP Security team created an Exception form for one of their vulnerabilities. This will be presented to team next week. Weekly discussion on our STIP5 tracker with SEMs to discuss what ACAS, Onapsis and Notes are due in February/March y; Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs; Weekly Vulnerability Team Review- No log4j remediation this week.
|
Planned Activities for Upcoming Week. (Include milestones or detailed tasks):
PLANNED ACTIVITIES FOR NEXT WEEK
" Saturday, January 27 DEV maintenance at 6 AM
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js& |
| Margie Collins |
1/19/2024 |
Friday, January 19, 2024 |
Charge Code 1
Charge Code: 5BV1
Number of Hours: 32
Tasks: PLANNED ACTIVITIES FOR THIS WEEK
" Weekly BASIS Cyber Team meetings to discuss highlights of what is needed this week before Friday which were the following items: Cyber bundles for the DEV SCOR this weekend. Attended the SCOR call to get this item approved DEV Plan; Worked on the STIP500 DC STIGS for analysis by BASIS Cyber team; Meeting with Raj on some of the items he has been doing in efforts of our Data Management; Analyses the POAM numbers for the POAM vulnerability call with the NAVY; Discussed three vulnerabilities with Navy Security team, we received two approvals and one rejected for more verbage and on new form; SAP Security meeting to discuss their outstanding SAP Security vulnerabilties; Weekly discussion on our STIP5 tracker with SEMs to discuss what ACAS, Onapsis and Notes are due in January/February; Weekly Mandatory CAT 1 Review on Thursday, to discuss mandatory vulnerabilities with SMEs.
" Weekly Vulnerability Team Review- No log4j remediation this week.
" Weekly Onapsis Findings/Support Call on Tuesday, 11/14 with Larry Schmits and Onapsis team to discuss Onapsis OKB items (new and outstanding).
" Cyber team sent out 4th QTR DC STIGS to DC and received the 1st QTR CD STIGs from the DC.
Additional Charge Codes Used: No |
fyi |
| Margie Collins |
1/5/2024 |
Friday, January 5, 2024 |
Charge Code 1
" Charge Code: 5BVF
" Number of Hours: 18
" Tasks: Monitoring (Saturday, 30 DEC 23 and Sunday, 31 DEC 23)
" Additional Charge Codes Used: Yes
Charge Code 2
" Charge Code: 5BV1
" Number of Hours: 33
" Tasks: PLANNED ACTIVITIES FOR THIS WEEK
" Attended Biweekly Basis meetings (Thursday, 11/30)
" Attended Navy ERP - SCOR call (when applicable- DISCUSS JAN NON PROD SCOR - 100910459 )
" Weekly Vulnerability Team Review- No Log4j to remediate this week).
" Weekly Cyber Team Review meetings (Jeff Filia) on to discuss highlights of what is needed this week before Friday. Prod Plan and SCOR prep meeting on Tuesday, 11/14, to discuss Non-PROD cyber bundle.
" Weekly Onapsis Findings/Support Call on Tuesday, 11/14 with Larry Schmits and Onapsis team to discuss Onapsis OKB items (new and outstanding).
" Weekly SAP Security OKB-ID Vulnerability meetings on Tuesday, 12/2 with the SAP Security team to discuss their outstanding Security vulnerabilities to be rectified or sent in for Exceptions or False Positives.
" Weekly Mid-week Cyber catch-up meeting with Jeff on Wednesday, 12/3.
" Weekly discussion on our STIP5 tracker with SEMs to discuss what ACAS, Onapsis and Notes are due in December. We had a deep dive of what is due and what is not due based on the False Positives/Exceptions/Exclusions forms submitted to Navy Cyber.
" Weekly Mandatory CAT 1 Review on Thursday, 1/4, to discuss mandatory vulnerabilities with SMEs. Discussed OS STIGs from Data Center (1550)
" Exception STIG meeting to discuss with Paul to discuss possible STIG write ups for the SELINUX and fapolicy policy. He referenced 100879311 and 100879321.
" Additional Charge Codes Used: No
Planned Activities for Upcoming Week. (Include milestones or detailed tasks):
PLANNED ACTIVITIES FOR NEXT WEEK
" NON-PROD Maintenance Window, Saturday, 06 JAN 23 from 6 AM - Completion.
" Attend Weekly meeting&
" Daily Cyber, Cyber BASIS SAP Security, Log4j, ACAS, Onapsis, CAT1, Cyber Bundle, and POAM meetings
" Start working on the DC/STIP5/500+ STIGs with SMEs.
" Update Stipulation 5 tracker and send SMEs email reminders about their assignments.
" Log4js&
|
NA |
