Where Accreditation meets Automation

What is Symphony?

Symphony deploys Compliance as a Service (CaaS) to enable rapid accreditation of analytic ecosystems into either on-premise or vendor agnostic cloud environments for machine learning, artificial intelligence, and Big Data analytic capabilities.

In many production environments the path to accreditation is a drawn out 6-9 month process. This is not a sustainable model for today’s cloud age. Many systems can be generated on the fly resulting in the need to constantly evaluate them one at a time. Not only do the systems change constantly but the regulations that govern their use change as well. The result is growth that can outpace your security personnel’s physical resources.

Traditional Process
Diagram of the traditional approach to accreditation

To solve these issues, Onyx Point has teamed with the MITRE Corporation to establish a process known as CaaS. Symphony utilizes this process to expedite the compliant automation of analytic systems and create a government approved repeatable process to expedite the award of Authority to Operate (ATO) for Open Source tools relating to machine learning (ML) and artificial intelligence (AI). Symphony ensures security personnel can evaluate analytic ecosystems to mitigate risk and allows those personnel to constantly monitor the state of analytic systems ATO more efficiently.

Symphony Process
Diagram of new process using Symphony

Onyx Point currently offers Symphony on premises utilizing VMware and within cloud platforms including Azure, Azure Government, and Amazon Web Services (AWS). We will soon offer support for OpenShift and Azure Stack.

Explore how Symphony can automate your Analytics Securely

Reach Out

Symphony Integrated Products

Onyx Point Symphony™ currently supports:

  • Accumulo
  • Ambari
  • Ansible
  • Apache
  • Atlas
  • Ceph
  • Consul
  • Curator
  • Docker
  • ElasticSearch
  • Falcon
  • Flume
  • Freeipa
  • GitLab
  • Hadoop
  • Hawq
  • HBase
  • HDF analytics
  • HDFS
  • Hive
  • Hue
  • Jazz
  • Jetty (web server)
  • JIRA support
  • Kafka
  • Knox
  • Mahout
  • MapReduce
  • Maven
  • Metron
  • MiNiFi
  • MongoDB
  • Mysql
  • Neo4j
  • Nginx
  • Nifi
  • Nifi registry
  • Oozie
  • Phoenix
  • Pig
  • Ranger
  • Rook
  • SELinux
  • Slider
  • Solr
  • Spark
  • Sqoop
  • Stackstorm
  • Storm
  • Supervisor
  • Terraform
  • Tez
  • Tomcat
  • Vault
  • Vowpal Wabbit
  • Yarn
  • Zeppelin
  • Zookeeper

All trademarks are property of their respective owners. All company, product and service names used are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.

What are the benefits?

Our approach is clear and result driven. We leverage CaaS automation that is designed to build the fundamental requirements of FISMA (Federal Information Security Management Act) Moderate and FedRAMP-aligned security controls into the systems. The CaaS automation process within Symphony has been evolving for over 10 years. It is currently used by multiple government customer’s cloud environments including Aberdeen Proving Ground (APG), the U.S. Office of Personnel Management (OPM), and the Defense Information Systems Agency’s (DISA) Big Data Platform (BDP) Cloud technology. The Onyx Point/MITRE partnership’s vast exposure, experience and reach have worked together to establish a proven, repeatable process that modernizes the traditional approach of creating secure automated systems more quickly and at reduced cost.

Analytic Ecosystem creation

Symphony’s security architecture is designed to compartmentalize function and risk. Below is an example of a compartmentalized Symphony ecosystem on Azure and its regulated “work zone” designed architecture.

Symphony Analytic Cell diagram

Use Cases

National Geospatial-Intelligence Agency's GeoWorks

The National Geospatial-Intelligence Agency (NGA) delivers world-class geospatial intelligence that provides a decisive advantage to policymakers, warfighters, intelligence professionals, and first responders. The NGA has long recognized that many powerful ideas come from individuals or researchers from smaller organizations that do not necessarily have access to large datasets across multiple organizations. In partnership with MITRE and Onyx Point, NGA recently announced GeoWorks, which gives researchers the ability to apply their ideas and algorithms against real data in an environment developed—and secured—via Symphony. GeoWorks will be making numerous datasets available to researchers, focusing in datasets in the areas of terrain, humanitarian aid relief, maritime safety, aviation, and agriculture.

Healthcare Anti-Fraud Innovation Network

The Centers for Medicare & Medicaid Services (CMS) asked MITRE/Onyx Point to use Symphony to create a proof of concept for the Healthcare Anti-Fraud Innovation Network (HAFIN). HAFIN is designed to help healthcare payers and other stakeholders identify unscrupulous or wasteful providers; provide real-time alerts to Medicare and other payers; and educate stakeholders throughout the industry. MITRE used Symphony to develop HAFIN as an internal research project, pulling together datasets from healthcare payers including CMS, United Healthcare and Blue Cross.

We work with these Technologies + Partners

puppet
gitlab
simp
beaker
redhat
`
AFCEA
GitHub
FOSSFeb