DoD Seal DISA Seal JITC Seal
Cyber Resiliency Test & Evaluation (CRT&E)

Cyber Resiliency Test and Evaluation (CRT&E) promotes data-driven, mission-impact-based cyber risk analysis and assessments via integrated cyber testing and evaluation for Developmental Test (DT) (Cybersecurity T&E) and Operational Test (OT) (Cyber Survivability T&E). CRT&E includes vulnerability assessments, security controls testing, penetration testing, adversarial testing, and cybersecurity testing related to a system’s resiliency and survivability capabilities. JITC’s Cyber T&E offerings span across the entire system development life cycle, cover a variety of T&E services from understanding cyber requirements; identifying attack surface; cooperative vulnerability identification (CVI), DT penetration test (DTPT), to Cooperative Vulnerability and Penetration assessment (CVPA) and Adversarial Assessment (AA) performed in the OT environment. CRT&E can span systems, infrastructure, hardware, software, users, operators, maintainers, defenders, training, and tactics, techniques, and procedures (TTPs), and focuses on the capabilities to Prevent, Mitigate, and Recover (PMR). JITC conducts CRT&E for DOT&E at exercises to assist Combat Commanders with identification, assessment, and mitigation of new and persistent cyber vulnerabilities; and for program managers of Department of Defense (DoD) Information Technology and National Security Systems (IT&NSS), Department of Homeland Security (DHS), and Special Operations Command (SOCOM) systems in support of the acquisition lifecycle. Moreover, JITC’s CRT&E is also quickly evolving and will continue to evolve with updated methodologies and processes to adapt to emerging technologies like cloud, DevSecOps, and Big Data/Artificial Intelligence.

DISA / JITC 2021