U.S. Army Cyber Command, DARPA Evaluate Advanced Cyber Threat Detection Technologies

Published 27 November 2024

Joint activities through the Constellation program accelerate maturation of tactical and strategic cyber capabilities.

DARPA, U.S. Army Cyber Command Technical Warfare Center, and Project Manager-Defensive Cyber Operations conducted an operational test and evaluation of a new program that assesses cutting-edge cyber threat detection capabilities.

The test successfully demonstrated the Cyber Analytics for Network Defense and Response Options (CANDOR) platform’s ability to deploy within an operational test environment. Developers were able to detect and analyze malicious activity – a critical milestone in validating the platform’s readiness as an operational capability before deploying to a production environment.

CANDOR leverages technology for containerization – a software deployment process that bundles an application’s code with all the files and libraries it needs to run on any infrastructure. The containerization enabled seamless integration and scalability in diverse infrastructures, including on-premises data centers and cloud-based platforms. CANDOR’s containerized architecture also translated to rapid deployment, easy updates, and consistent performance. All these characteristics will ensure that software can quickly adapt to changing security requirements and operational demands in the future.

“This test proved CANDOR’s high flexibility and adaptability as an innovative solution designed for deployment across multiple environments,” said LTC Nate Bastian, the DARPA program manager for CANDOR. “Given Constellation’s objective to accelerate the transition of research and development to capability delivery, we were able to drastically shorten the design, development, and testing of CANDOR from months to weeks with consistent user integration with ARCYBER.”

CANDOR is a project within the Constellation program, a joint effort between DARPA and U.S. Cyber Command to expedite cyber technologies’ delivery from laboratory development to the cyber battlefield. Ultimately, CANDOR aims to provide cyber operators enhanced network monitoring and automated threat hunting.

Earlier this year, DARPA and U.S. Cyber Command executed a new binding agreement establishing the joint governance structure, roles, responsibilities, and budgeting goals to enable future planning. CANDOR is one of six efforts currently underway within Constellation.