The Host Based Security System (HBSS), which enables the Department of Defense (DoD) to detect and counter known cyber threats in real-time through a collection of flexible commercial-off-the-shelf and government-off-the-shelf applications is going to be combined with several other tools to provide an evolved, holistic approach to cybersecurity network defense—this will be known as Endpoint Security Solutions (ESS).
The shift from HBSS to ESS represents an enhancement of existing capabilities through both product lifecycle evolution and the addition of specific endpoint capabilities, such as application whitelisting, visibility, and containment tools. The HBSS to ESS enhancement will occur over the next few years and will leverage the added security of the Windows 10 Secure Host Baseline (SHB), with additional capabilities added through the acquisition process based on new requirements.
ESS is constantly reviewed via the Unclassified-but-Sensitive Internet Protocol Router Network (NIPRNet)/Secret Internet Protocol Router Network (SIPRNet) Cyber Security Architecture Review (NSCSAR) process to ensure appropriate endpoint protections are in place to meet the ever-changing threat. Endpoint security is a DOD-wide effort that leverages the collaborative capabilities of the Defense Information Systems Agency, the National Security Agency, the DOD Cyber Range, and DOD red teams—groups that attempt to penetrate network defenses in order to identify vulnerabilities. The effort also involves continuous market research, conducted through DOD components, the Department of Homeland Security, and supporting contractors.