ForAllSecure Announces Mayhem Being Deployed Across U.S. DoD Branches

ForAllSecure | May 12, 2020

  • ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems.

  • ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.

  • ForAllSecure has raised a $15 million Series A with top-tier venture firm New Enterprise Associates.


ForAllSecure, an NEA portfolio company, today announced that Mayhem, its next-generation fuzzing solution, is being deployed across multiple branches of the U.S. Department of Defense (DoD). ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems. Mayhem is being used by multiple DoD entities, including but not limited to: the Air Force 96th Cyberspace Test Group, the Air Force 90th Cyberspace Operations Squadron, the Naval Sea Systems Command (NAVSEA) and the U.S. Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center (C5ISR).

Mayhem is a patented next-generation fuzzing solution pioneered at Carnegie Mellon University. It combines two proven dynamic application security testing (DAST) techniques, guided fuzzing with symbolic execution, to continuously uncover defects with unprecedented speed, scale and accuracy. ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.


"Security is about moving faster than the attacker. Mayhem is the result of over two decades of research in how to identify critical software flaws first and not be slowed down by false positives. The benefits go beyond security. Mayhem automatically builds a test suite, lowering QA effort to create great and trustworthy software. Our work with the DoD has showcased the powerful benefits of automation in code testing, using the combined technologies of symbolic execution and advanced fuzzing," said David Brumley, CEO of ForAllSecure.



Mayhem's ability to check weapon systems applications is critical as the DoD moves to embrace cyber as a new domain of warfare. In 2018, the U.S. Government Accountability Office (GAO) reported that there are mounting challenges in protecting DoD weapon systems from increasingly sophisticated attacks: "This state is due to the computerized nature of weapon systems; the DoD's late start in prioritizing weapon systems cybersecurity; and DoD's nascent understanding of how to develop more secure weapon systems. DoD weapon systems are more software dependent and more networked than ever before."

The Defense Innovation Unit recognized a potential match between the weapons system security problem and a potential technological solution to operationalize ForAllSecure's initial work featured during the Cyber Grand Challenge and apply it to select critical missions within the DoD. DIU used its Commercial Solutions Opening to put ForAllSecure on contract to prototype its solution with multiple partners across the DoD. The flexibility of the CSO meant that ForAllSecure was able to rapidly and meaningfully iterate on its product with direct feedback from critical users, leading to a much accelerated time to value.

ForAllSecure's first Mayhem prototype gained recognition in 2016 after competing against 110 teams across the U.S. to win the DARPA Cyber Grand Challenge – a competition to create automatic defensive systems capable of reasoning about flaws, formulating patches and deploying them on a network in real time. Since then, ForAllSecure has raised a $15 million Series A with top-tier venture firm New Enterprise Associates. ForAllSecure is scaling to make Mayhem available within the federal and commercial markets.


About ForAllSecure

ForAllSecure was founded on the mission to make the world's software secure. Utilizing patented technology from a decade of research at Carnegie Mellon University, ForAllSecure delivers a next-generation fuzzing solution. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. DARPA deemed ForAllSecure the winner in the 2016 Cyber Grand Challenge, and MIT Technology Review named ForAllSecure in the 50 Smartest Companies 2017 list. Efficiently and effectively secure mission critical software with ForAllSecure.
