ForAllSecure Announces Mayhem Being Deployed Across U.S. DoD Branches

ForAllSecure | May 12, 2020

  • ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems.

  • ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.

  • ForAllSecure has raised a $15 million Series A with top tier venture firm, New Enterprise Associates.


ForAllSecure, a NEA portfolio company, today announced that Mayhem, its next-generation fuzzing solution, is being deployed across multiple branches of the U.S. Department of Defense (DoD). ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems. Mayhem is being used by multiple DoD entities, including but not limited to: the Air Force 96th Cyberspace Test Group, the Air Force 90th Cyberspace Operations Squadron, the Naval Sea Systems Command (NAVSEA) and the U.S. Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center (C5ISR).

Mayhem is a patented next-generation fuzzing solution pioneered at Carnegie Mellon University. It combines two proven dynamic application security testing (DAST) techniques, guided fuzzing with symbolic execution, to continuously uncover defects with unprecedented speed, scale and accuracy. ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.

Read More: White House Talks with TSMC, Intel to Develop Chip Foundries in the U.S.

 

Security is about moving faster than the attacker. Mayhem is the result of over two decades of research in how to identify critical software flaws first and not be slowed down by false positives. The benefits go beyond security. Mayhem automatically builds a test suite, lowering QA effort to create great and trustworthy software. Our work with the DoD has showcased the powerful benefits of automation in code testing, using the combined technologies of symbolic execution and advanced fuzzing,

David Brumley, CEO of ForAllSecure.



Mayhem's ability to check weapon systems applications is critical as the DoD moves to embrace cyber as a new domain of warfare. In 2018, the U.S. Government Accountability Office (GAO) reported that there are mounting challenges in protecting DoD weapon systems from increasingly sophisticated attacks: "This state is due to the computerized nature of weapon systems; the DoD's late start in prioritizing weapon systems cybersecurity; and DoD's nascent understanding of how to develop more secure weapon systems. DoD weapon systems are more software dependent and more networked than ever before."

The Defense Innovation Unit recognized a potential match between the weapons system security problem and a potential technological solution to operationalize ForAllSecure's initial work featured during the Cyber Grand Challenge and apply it to select critical missions within the DoD. DIU used its Commercial Solutions Opening to put ForAllSecure on contract to prototype its solution with multiple partners across the DoD. The flexibility of the CSO meant that ForAllSecure was able to rapidly and meaningfully iterate on its product with direct feedback from critical users, leading to a much accelerated time to value.

ForAllSecure's first Mayhem prototype gained recognition in 2016 after competing against 110 teams across the U.S. to win the DARPA Cyber Grand Challenge – a competition to create automatic defensive systems capable of reasoning about flaws, formulating patches and deploying them on a network in real time. Since then, ForAllSecure has raised a $15 million Series A with top tier venture firm, New Enterprise Associates. ForAllSecure is scaling to make Mayhem available within the federal and commercial markets.

Read More: CTA Demands Tariff Exemptions to the U.S. Government on Tech Products Made in China

About ForAllSecure

ForAllSecure was founded on the mission to make the world's software secure. Utilizing patented technology from a decade of research at Carnegie Mellon University, ForAllSecure delivers a next-generation fuzzing solution. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. DARPA deemed ForAllSecure the winner in the 2016 Cyber Grand Challenge, and MIT Technology Review named ForAllSecure in the 50 Smartest Companies 2017 list. Efficiently and effectively secure mission critical software with ForAllSecure.

Spotlight

The 2018/19 Federal Budget sees the government predicting a return to surplus a year earlier than predicted in 2019/20. Personal income tax relief is the centerpiece of the budget with a 7-year plan designed to give immediate tax relief to low and middle taxpayers, reduce bracket creep and provide a simpler tax structure.

Spotlight

The 2018/19 Federal Budget sees the government predicting a return to surplus a year earlier than predicted in 2019/20. Personal income tax relief is the centerpiece of the budget with a 7-year plan designed to give immediate tax relief to low and middle taxpayers, reduce bracket creep and provide a simpler tax structure.

Related News

EMERGING TECHNOLOGY

Qtrac and Strategic Communications Partner to Improve Customer, Employee Experiences in Government Offices

Strategic Communications | September 16, 2022

Qtrac® by Lavi Industries, a world-leading provider of virtual queue management and appointment scheduling systems, today announced it is partnering with Strategic Communications, a certified woman-owned business enterprise (WBE) and reseller to U.S. government agencies, to provide best-in-class queue solutions for local, state and federal government offices. "Qtrac identified Strategic Communications as a partner who had broad industry experience in IT, audio visual and cloud services deployments, and shared Qtrac's passion to innovate with a purpose by delivering the highest value in business solutions, Both Qtrac and Strategic Communications share a commitment to provide the very best products and excellent customer service to their clients, We look forward to expanding Qtrac's virtual queue platform to additional departments and services in Florida and across the country because of our partnership with Strategic Communications." -Steve Covate, VP of Sales at Qtrac. Since its founding, Qtrac has continually invested in its products and staff to deliver an ever-evolving solution and unsurpassed support to appeal to a broad and changing market. The partnership enables Qtrac to leverage Strategic Communications' extensive experience and knowledge in order to increase market share and build product awareness in the government, education, healthcare, and enterprise sectors. "Strategic Communications sought a partnership with Qtrac to support a variety of government agencies with a best-in-class queuing and appointment platform that can be configured to benefit a wide range of government agencies and manage the complexity within them." -Blake Kelly, cloud sales manager at Strategic Communications. The partnership is already helping residents in Florida who need WIC (women, infants, and children) assistance. Qtrac's queue management solutions are being deployed by the Florida Department of Revenue to give them the ability to schedule their appointments for a time most convenient for them. Because of information gathered from citizens at the time appointments are made, workers will be prepared to deliver necessary products and services, increasing staff efficiency and reducing the amount of time recipients spend collecting needed supplies. ABOUT QTRAC: Qtrac® provides virtual queue management systems to companies of all sizes and across many different industries around the world. Its virtual queuing technology enhances the customer experience by focusing on the way people interact with businesses in order to eliminate lines, increase sales and improve service. Qtrac was founded by Lavi Industries, the premier provider of public guidance and crowd control solutions. Building on Lavi's 40+ years of experience and success in helping the world's leading companies effectively guide people in, through and out of their facilities, Qtrac helps organizations improve their operations by improving the customer journey.

Read More

EMERGING TECHNOLOGY, CYBERSECURITY

OpenText partners with MAD Security to improve response time to cyberthreats and shrink the attack surface

Open Text Corporation | October 20, 2022

Today, OpenText™ (NASDAQ: OTEX), (TSX: OTEX), a global leader in information management with an extensive security solution portfolio, announced a partnership between OpenText Network Detection & Response (NDR) technology and MAD Security. This joint solution from OpenText and MAD Security will empower customers to cut false positive security alerts significantly and protect sensitive government data against advanced cyber threats. MAD Security, a managed security service provider (MSSP) that helps contractors and other small and medium sized enterprises detect potential breaches and prevent attackers from disrupting operations or exfiltrating data, knows firsthand that government contractors are a prime target for cyber-attacks, from phishing and social engineering to malware and ransomware. To strengthen its cybersecurity capabilities, MAD Security decided to augment its offering with NDR capabilities. The aim was to continuously monitor and analyze raw enterprise network traffic, creating a baseline of network behavior that would help analysts hunt down emerging threats faster. "In the past, MAD Security has relied on an anomaly-based intrusion detection system to find indicators of compromise (IOCs). While this approach was effective for analyzing north-south traffic across small networks, it was a challenge to pinpoint IOCs across larger networks with significant volumes of east-west traffic, If we could reduce the time our analysts spent drilling down into the data, we could accelerate our response and improve cost efficiency—ultimately providing a more competitive service. Working with OpenText, we can now detect and correlate events, investigate the data and notify the client in an average of just 6.5 minutes—less than half of SLA." -Jeremy Conway, CEO at MAD Security. MAD Security selected OpenText NDR because of the level of visibility it provides. The company can now look beyond individual subsets of endpoint and log data to build up a clear picture of what happened and when during an attack—even if the network traffic is encrypted. MAD Security uses OpenText NDR to make sure remediation efforts are successful, for example, by monitoring for new IOCs during its cleanup effort to detect whether the attacker is changing tactics or switching to an alternate toolset. An end-to-end network security platform, OpenText NDR simplifies network threat detection by combining smart packet capture (Smart PCAP) and rich network metadata generation, delivering a clear view of even the most complex networks. With OpenText NDR, MAD Security can gain insights faster than ever through deep packet inspection, behavioral anomaly detection, IOC matching, and AI-powered analytics. "We are thrilled to be able to count MAD Security among our many incredible customers and are proud to see not just our solutions working for the organization but also be part of its growth and success, By supporting MAD Security with OpenText NDR, we were able to help the company achieve its growth target while keeping its analyst team lean." -Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. About OpenText: OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.

Read More

EMERGING TECHNOLOGY, CYBERSECURITY

Viasat & Inmarsat Receive UK Government Approval for Proposed Combination Under National Security & Investment Act

Inmarsat | September 17, 2022

Viasat Inc., (NASDAQ: VSAT), a global communications company, and Inmarsat, a leading provider of global mobile satellite communications services, today announced the receipt of approval of the proposed combination of their businesses by the UK Government under the National Security & Investment Act. The Secretary of State for Business, Energy and Industrial Strategy (BEIS) has announced that the transaction does not pose a risk to the UK's national security. In March 2022, the companies committed to economic undertakings with BEIS, which underlined their pledge to strengthen and advance the UK's National Space Strategy. The economic undertakings include an expansion in the number of highly skilled jobs in key areas and a 30% increase in overall research and development spending in the UK. "The combination of Viasat and Inmarsat creates a leading global communications innovator with enhanced scale and scope to affordably, securely and reliably connect the world. The UK Government's clearance of Viasat's proposed acquisition of Inmarsat under the National Security and Investment Act is another important step forward on the road to closing the deal, and we would like to thank the UK Government for their close collaboration throughout the process. Viasat has been a trusted partner of the UK's defence and national security communities for more than a decade, including in the provision of its market-leading encryption products. The combined company, whose global international business headquarters will be situated in the UK, will build upon the strong UK relationships that Viasat and Inmarsat already enjoy and allow us to deepen our contribution to the UK's National Space Strategy." -Mark Dankberg, Executive Chairman and CEO of Viasat. Rajeev Suri, Inmarsat CEO, added: Inmarsat is proud of our decades of close work with the UK government. Today's approval brings us closer to delivering the new jobs and investment to the UK that have been committed by both Inmarsat and Viasat. Together, we will be well-positioned to compete in a robust market that has both well-funded new entrants and other industry players in the process of consolidating. About Viasat: Viasat is a global communications company that believes everyone and everything in the world can be connected. For over 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the world communicate. Today, the Company is developing the ultimate global communications network to power high-quality, secure, affordable, fast connections to impact people's lives anywhere they are—on the ground, in the air or at sea. About Inmarsat: Inmarsat delivers world leading, innovative, advanced and exceptionally reliable global, mobile communications across the world – in the air, at sea and on land - that are enabling a new generation of commercial, government and mission-critical services. Inmarsat is powering the digitalisation of the maritime industry, making operations more efficient and safer than ever before. It is driving a new era of inflight passenger services for aviation, while ensuring that aircraft can fly with maximum efficiency and safety. Furthermore, Inmarsat is enabling the rapid expansion of the Internet of Things (IoT) and enabling the next wave of world-changing technologies that will underpin the connected society and help build a sustainable future. And now Inmarsat is developing the first-of-its-kind, multi-dimensional communications network of the future, ORCHESTRA. In November 2021, Inmarsat and Viasat announced the planned combination of the two companies, to create a new leader in global communications. The deal is scheduled to close in the second half of 2022.

Read More