ForAllSecure Announces Mayhem Being Deployed Across U.S. DoD Branches

ForAllSecure | May 12, 2020

  • ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems.

  • ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.

  • ForAllSecure has raised a $15 million Series A with top tier venture firm, New Enterprise Associates.


ForAllSecure, a NEA portfolio company, today announced that Mayhem, its next-generation fuzzing solution, is being deployed across multiple branches of the U.S. Department of Defense (DoD). ForAllSecure was awarded a contract of up to $45 million with the Defense Innovation Unit (DIU) to expand its software security solution into some of the DoD's most critical systems. Mayhem is being used by multiple DoD entities, including but not limited to: the Air Force 96th Cyberspace Test Group, the Air Force 90th Cyberspace Operations Squadron, the Naval Sea Systems Command (NAVSEA) and the U.S. Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center (C5ISR).

Mayhem is a patented next-generation fuzzing solution pioneered at Carnegie Mellon University. It combines two proven dynamic application security testing (DAST) techniques, guided fuzzing with symbolic execution, to continuously uncover defects with unprecedented speed, scale and accuracy. ForAllSecure Mayhem helps the DoD achieve its mission to test critical software, including weapon systems, both with and without developer participation.

Read More: White House Talks with TSMC, Intel to Develop Chip Foundries in the U.S.

 

Security is about moving faster than the attacker. Mayhem is the result of over two decades of research in how to identify critical software flaws first and not be slowed down by false positives. The benefits go beyond security. Mayhem automatically builds a test suite, lowering QA effort to create great and trustworthy software. Our work with the DoD has showcased the powerful benefits of automation in code testing, using the combined technologies of symbolic execution and advanced fuzzing,

David Brumley, CEO of ForAllSecure.



Mayhem's ability to check weapon systems applications is critical as the DoD moves to embrace cyber as a new domain of warfare. In 2018, the U.S. Government Accountability Office (GAO) reported that there are mounting challenges in protecting DoD weapon systems from increasingly sophisticated attacks: "This state is due to the computerized nature of weapon systems; the DoD's late start in prioritizing weapon systems cybersecurity; and DoD's nascent understanding of how to develop more secure weapon systems. DoD weapon systems are more software dependent and more networked than ever before."

The Defense Innovation Unit recognized a potential match between the weapons system security problem and a potential technological solution to operationalize ForAllSecure's initial work featured during the Cyber Grand Challenge and apply it to select critical missions within the DoD. DIU used its Commercial Solutions Opening to put ForAllSecure on contract to prototype its solution with multiple partners across the DoD. The flexibility of the CSO meant that ForAllSecure was able to rapidly and meaningfully iterate on its product with direct feedback from critical users, leading to a much accelerated time to value.

ForAllSecure's first Mayhem prototype gained recognition in 2016 after competing against 110 teams across the U.S. to win the DARPA Cyber Grand Challenge – a competition to create automatic defensive systems capable of reasoning about flaws, formulating patches and deploying them on a network in real time. Since then, ForAllSecure has raised a $15 million Series A with top tier venture firm, New Enterprise Associates. ForAllSecure is scaling to make Mayhem available within the federal and commercial markets.

Read More: CTA Demands Tariff Exemptions to the U.S. Government on Tech Products Made in China

About ForAllSecure

ForAllSecure was founded on the mission to make the world's software secure. Utilizing patented technology from a decade of research at Carnegie Mellon University, ForAllSecure delivers a next-generation fuzzing solution. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. DARPA deemed ForAllSecure the winner in the 2016 Cyber Grand Challenge, and MIT Technology Review named ForAllSecure in the 50 Smartest Companies 2017 list. Efficiently and effectively secure mission critical software with ForAllSecure.

Spotlight

Spotlight

Related News

Emerging Technology

Astera and Carahsoft Partner to Deliver Data Management Solutions to Federal Government Agencies

Globenewswire | July 14, 2023

Astera Software, a leading provider of no-code data integration and management solutions, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider® announced a partnership today. Under the agreement, Carahsoft will serve as Astera’s Master Government Aggregator®, making the company’s wide range of data management solutions available to the Public Sector through Carahsoft’s reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Cooperative Purchasing Alliance (NCPA) and OMNIA Partners contracts. "We are thrilled to partner with Carahsoft and its reseller partners to streamline access for agencies to procure our no-code data management stack and expand our presence in the Public Sector,” said Todd Humphrey, Head of Sales at Astera. “We look forward to helping Public Sector agencies leverage our suite of unified, code-free, easy-to-learn data management solutions to bridge the data-to-insight gap.” With Astera’s user-friendly, high-performing suite of products - Centerprise Data Integrator, ReportMiner, Data Warehouse Builder, API Management, and EDIConnect, Government agencies can unlock valuable insights from their data stores to optimize operational efficiency, increase productivity, improve resource allocation, and drive success. Astera’s robust range of scalable solutions is designed to help organizations build and automate dynamic data pipelines from source to destination. From data extraction, preparation, transformation and validation to integration and warehousing, Astera can automate the entire data journey for its users. “With the addition of Astera to our solutions portfolio, our customers will be able to manage their data more efficiently, reduce the time and cost associated with data management, and improve overall efficiency,” said Andres Azcuna, Sales Director who leads the Astera Team at Carahsoft. “We look forward to working with Astera and our reseller partners to help agencies make data-driven decisions and rapidly solve critical business challenges.” About Carahsoft Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Big Data, Artificial Intelligence, Cybersecurity, MultiCloud, DevSecOps, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. About Astera Astera is a data management solutions provider based in Westlake Village, California that offers solutions to radically simplify the process of building and executing data pipelines, data warehouses and manage enterprise-wide data management needs.

Read More

Emerging Technology

Umbra Selected by AFWERX for SBIR Phase II Contract

PR Newswire | August 24, 2023

Umbra, a leader in advanced space radar technology, announced it has been selected by AFWERX for a SBIR Phase II contract in the amount of $1.25 million focused on Space-Based Moving Target Indication (MTI) to address the most pressing challenges in the Department of the Air Force (DAF). Umbra will leverage its market leading wide-bandwidth, affordable space systems, uniquely operating in paired flight, to develop and demonstrate Maritime and Ground MTI (MMTI and GMTI) capabilities. The Air Force Research Laboratory (AFRL) and AFWERX have partnered to streamline the Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) process by accelerating the small business experience through faster proposal to award timelines, changing the pool of potential applicants by expanding opportunities to small business and eliminating bureaucratic overhead by continually implementing process improvement changes in contract execution. The DAF began offering the Open Topic SBIR/STTR program in 2018 which expanded the range of innovations the DAF funded and as of August 9, 2023, Umbra accelerated its journey to create and provide innovative capabilities that will strengthen the national defense of the United States of America. "With the end of the JSTARS program, Umbra understands the national imperative to develop a multi-domain replacement capability with a strong space-based element," said Jason Mallare, Vice President of Government Programs and Strategy. "Commercial space systems which can be developed and rapidly deployed offer a differentiated and robust method to contribute to this critical mission need. Umbra is committed to partnering with AFWERX, the broader DAF, as well as other DoD and IC stakeholders. We intend to bring the best Umbra has to offer, including affordable spacecraft and ground infrastructure, and market leading SAR technology." The views expressed are those of the author and do not necessarily reflect the official policy or position of the Department of the Air Force, the Department of Defense, or the U.S. government. About Umbra Umbra is a technology company that offers intelligence data as a service to commercial and government customers. Our cutting-edge products help customers solve complex business and security challenges. Umbra is a U.S.-owned and operated company headquartered in Santa Barbara, California, and has a presence in Austin, Texas, and Washington, D.C. For more information, visit https://umbra.space. About Air Force Research Laboratory (AFRL) Sole organization leading the planning and execution of U.S. Air Force & U.S. Space Force science & technology programs. Orchestrates a world-wide government, industry & academia coalition in the discovery, development & delivery of a wide range of revolutionary technology. Provides leading-edge warfighting capabilities keeping air, space and cyberspace forces the world's best. Employs 10,800 military, civilian and contractor personnel at 17 research sites executing an annual $4B budget. For more information, visit: www.afresearchlab.com. About AFWERX The innovation arm of the DAF and a directorate within the Air Force Research Laboratory brings cutting edge American ingenuity from small businesses and start-ups to address the most pressing challenges of the DAF. Employs approximately 325 military, civilian and contractor personnel at six hubs and sites executing an annual $1.4B budget. Since 2019, has executed 4,671 contracts worth more than $2B to strengthen the U.S. defense industrial base and drive faster technology transition to operational capability. For more information, visit: www.afwerx.com.

Read More

Emerging Technology

NewSpring Holdings Reenters Government Services Space, Launches New Platform with Acquisition of Bridge Core

PR Newswire | July 31, 2023

NewSpring Holdings leverages proven organic growth strategies and a disciplined M&A process to accelerate growth in sector-specific markets, including logistics, fin-tech, government services, IT services, and sports. The team has completed over 40 acquisitions and successfully built a government services platform, Avantus Federal,which recently sold for$590M.NewSpring("the Firm"), a family of private equity strategies, announced today that NewSpring Holdings, the Firm's majority investment strategy focused on sector-specific platform builds, has acquiredBridge Core, a leading provider of visual intelligence, cybersecurity, and other technical solutions to the U.S. government intelligence community. Bridge Core will use the proceeds of this transaction to execute a disciplined M&A and aggressive organic growth strategy to create a full-spectrum, technology-enabled intelligence company. Alongside this transaction, Chad Kim has been named CEO of Bridge Core. Chad has spent over two decades supporting the intelligence community and interagency task force apparatus in diverse worldwide roles spanning from operations to analysis. This has provided Chad with a unique breadth of experience, mission intimacy, and relevant capability expertise. He also has an extensive track record in scaling organizations capable of building industry-disrupting technology for defense, intelligence, and commercial clients, most recently with former NewSpring portfolio company Avantus Federal. Bridge Core founders Tyler Laverick and Andy Rackovan will stay on with the company in key leadership roles. "In the creation of a full-spectrum intelligence company, we're proud to begin our journey with Bridge Core, a company whose values and culture are closely aligned with my own and the team at NewSpring," said Kim. "Bridge Core treats its team members like family, fosters a strong work ethic, and consistently delivers mission impact in a nurturing environment that attracts and retains the best talent in the industry. Tyler and Andy have built an amazing company filled with savvy technologists and intelligence professionals, and we're thrilled to continue growing this business alongside them." Bridge Core leverages a unique tech-to-mission concept, agility, and speed in delivering services that drive true value for its intelligence agency clients. Established expertise in visual intelligence, technology transfer, cybersecurity, and technical operations positions Bridge Core well to add on additional services and expand into a full-service agency serving a broad range of needs facing the intelligence community. "An era of rapidly proliferating and converging data presents unique, evolving challenges for the intelligence community. More than ever, we see the crucial role of a holistic solutions partner capable of elevating the transformation of data into precise and impactful insights for the numerous mission sets of the U.S. government.," said NewSpring General Partner Lee Garber. "Our partnership with Bridge Core, a true market leader, aligns with our core vision to innovate within the national security space, where there is significant growth potential. Combined with Chad's leadership and extensive experience delivering mission outcomes with technology in the intelligence community, we're excited for the future of this business." "In 2015, Andy and I set out to build a company focused on empowering and fostering a transparent culture, giving everyone a seat at the table to define our success," said Bridge Core Cofounder Tyler Laverick. "Eight years later, we realized it was time to join forces with a team that embodied what we built at Bridge Core and have found the perfect partner in NewSpring to help scale this business and further raise our impact on critical intelligence missions. We're excited about this new era for Bridge Core and look forward to taking this business to the next level." About NewSpring NewSpring partners with the innovators, makers, and operators of high-performing companies in dynamic industries to catalyze new growth and seize compelling opportunities. The Firm manages over $3.0 billion across five distinct strategies covering the spectrum from growth equity and control buyouts to mezzanine debt. Having invested in over 200 companies, NewSpring brings a wealth of knowledge, experience, and resources to take growing companies to the next level and beyond. Partnering with management teams to help develop their businesses into market leaders, NewSpring identifies opportunities and builds relationships using its network of industry leaders and influencers across a wide array of operational areas and industries. To learn more, visit www.newspringcapital.com. About Bridge Core Bridge Core is a federal services company built on a culture of trust and teamwork to advance the mission through innovation and passionate people. The Bridge Core team of experts enable Mission Partners by integrating innovative technologies and implementing processes that modernize the digital workplace. The Company's trusted, skilled, and diverse team members make a lasting impact by building tailored, client-focused solutions within secured spaces. The Bridge Core team facilitates the rapid adoption of technologies and commercial off-the-shelf (COTS) solutions through a unique understanding of mission requirements and the vendor's product(s).

Read More