• A10 Networks

    Malware and other malicious programs are increasingly being installed unknowingly on client computers where they can replicate to other clients and relay information to malicious entities. Security vendors provide tools to detect and mitigate these problems by inspecting the traffic between clients and the untrusted side of the network. However, as more online services are provided using SSL/TLS encryption, less of the traffic can be monitored using traditional inspection tools. A10’s SSL Intercept feature addresses this problem by decrypting traffic and forwarding it through a 3rd party security device for deep packet inspection, before re-encrypting it and forwarding it on to its destination. This solution scales to meet the most demanding bandwidth requirements, such as those seen in Government Networks. A10 Solutions are FIPS 140-2 Certified, and address other security issues such as DDoS Protection, as well as provide Firewall Load Balancing, Server Load Balancing, Global Server Load Balancing, IPv6 Migrations and much more. A10 products are available via the DHS CDM Contract, and are an integral component of a comprehensive CDM Solution.


    AccessData

    AccessData’s InSight Platform is a Continuous, Automated Incident Resolution (CAIR) platform, delivering the workflows and capabilities necessary to detect, analyze, and resolve any data event—from security breaches to e-discovery and other Governance, Risk and Compliance (GRC) issues. It is the industry’s only combined platform and works seamlessly across business units. InSight Platform integrates network, endpoint and malware analysis, end-to-end e-discovery and remediation technologies into a single, scalable solution. This makes it possible for all security, legal and compliance teams to do their jobs using one platform, automating tasks and collaborating in real time to address virtually any security incident or legal matter.


    BeyondTrust

    Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-oriented architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across disparate and heterogeneous infrastructure. Retina Network Security Scanner, the industry’s most mature and effective vulnerability scanning technology, identifies the vulnerabilities – missing patches, configuration weaknesses, and industry best practices – to protect an organization’s IT assets. Retina provides cost-effective security risk assessment, as well as enables security best practices, policy enforcement, and regulatory audits.


    Bit9

    Bit9 Security Platform continuously monitors to discover and prevent the execution of unauthorized or mismanaged software plus provides a complete, accurate, and timely software inventory for Windows desktop/laptop devices. Bit9 Security Platform continuously monitors to discover and prevent the execution of unauthorized or mismanaged software plus provides a complete, accurate, and timely software inventory for Windows Server devices.


    CA

    CA Technologies is an enterprise management and security company that has years of experience in Asset Management and IT Security. We offer government agencies solutions that enable the improvement of citizen services while helping them achieve efficiencies and improve cyber security. Our market-leading solutions deliver enterprise asset discovery and management, configuration management and comprehensive identity and access management. Our solutions support the technical requirement areas of the CDM RFQ and its task orders. The CA Technologies suite can be used as a single-vendor suite or integrated with installed tools from other vendors, minimizing the disruption involved in deploying a CDM solution into an organization with existing tools, policies and procedures.

    CA Technologies creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. From planning to DevOps to security to systems management, our solutions power innovation and drive competitive advantage for businesses everywhere. We help organizations to drive enterprise-wide productivity, offer differentiated user experiences and open new growth opportunities. And, we are able to deliver this value across multiple environments – mobile, private and public cloud, distributed and mainframe. Recognized by our customers as a critical partner in their IT transformation, CA is working with companies worldwide to change the way we live, transact and communicate.


    Check Point

    The Check Point Continuous Monitoring Solution provides Federal Agencies with real-time configuration monitoring against a library of security best practice diagnostics to ensure the configuration of Check Point is fully in line with expert recommendations. Check Point’s Continuous Monitoring provides security and network administrators with detailed security status analysis against the recommended baseline and actionable guidance on how to remedy security weaknesses.

    Check Point’s Continuous Monitoring solution is fully integrated into Check Point Software Blade Architecture. Violation notifications highlight potential security and compliance violations, reducing the time required and errors associated with manual change management, providing you with control over your security environment at all times.


    Cisco

    The “guard at the gate” to your network is the Cisco Identity Services Engine (ISE). ISE offers a centralized control point for comprehensive policy management in a single RADIUS-based product. It can accurately identify every user/device attempting to connect to your network whether wired, wireless, or VPN. An inventory of those devices/users, as well as an array of contextual information, is collected as ISE inspects connections. ISE meets the Continuous Monitoring requirements for Hardware and Software inventory and provides an assessment or remediation of vulnerable applications on a device. ISE provides the mechanism to control the flow of traffic via Cisco TrustSec®. ISE is built on an open architecture allowing for sharing of contextual information to dashboards or 3rd-party tools.


    Extreme Networks

    Purview is a Network-Powered Application Analytics and Optimization solution that captures network data and aggregates, analyzes, correlates, and reports on it to enable better decision making and improved business performance. Purview allows IT operations to optimize the network for each and every application, enhance security for those applications and provide data for business analytics. This empowers IT to turn the network into a strategic business asset that can now provide value to other lines of business, and it enables business innovation powered by the network infrastructure.


    FireMon

    The CDM approach moves from a manual compliance reporting model to real-time threat detection and mitigation. FireMon Security Manager and Risk Analyzer provide participating government agencies and departments with the ability to enhance and automate their existing continuous network monitoring capabilities, correlate and analyze critical security-related information, and enhance risk-based decision making at the agency level.

    Security Manager and Risk Analyzer address two of the four Phase 1 continuous diagnostic capabilities – Configuration Settings Management and Vulnerability Management – which are foundational capabilities to protect systems and data.

    The hallmark of Security Manager is its ability to understand both risk and vulnerability on a continuous and historical basis – and at a scale that analyzes millions of vulnerabilities in minutes, delivering actionable intelligence to make proactive security posture decisions. Risk Analyzer offers patented risk analysis functionality that identifies reachable assets with vulnerabilities and prioritizes mitigation plans that reduce the greatest risks first.


    ForeScout

    To address CDM functional areas 1-4, ForeScout CounterACT offers real-time discovery and continuous compliance validation of any device attempting to connect or on the network. ForeScout CounterACT interfaces with configuration, patch and vulnerability management solutions, such as those from IBM, Microsoft, McAfee, Symantec, and Tenable (Nessus), to ensure that devices are dynamically identified, assessed and remediated. ForeScout’s platform for endpoint compliance also provides contextual information (who, what, when and where) about all endpoints, their security posture and policy adherence via bi-directional integration with leading SIEM products to assure precise operational intelligence, roles-based enforcement and threat mitigation.

    By combining the ForeScout platform with other best-in-class security tools, federal organizations gain complete situational awareness and can better leverage their security resources to more efficiently preempt cybersecurity threats, close exposures and respond to attacks.


    Forum Systems

    Forum Systems offers the most comprehensive solution for Phase 2 – Least Privilege and Infrastructure Integrity of The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) Program. The Forum Sentry Security Gateway is an industry only FIPS 140-2 certified technology with a decade of exemplary performance protecting government networks and resources. As a perimeter, in-line, deep content inspection (layer 4 through 7) Forum Sentry may be quickly and easily configured to meet Phase 2, Tool Functional Areas 5 through 9 requirements. Of particular note and value, Forum Sentry is a key component of modern architecture design whereby all web traffic identity, trust, access control, security, information assurance and integration are managed in a certified secure technology. In contrast to legacy end-mile technology solutions, Forum Sentry works outside of the internal computing environment, and well before bad actors and traffic are able to penetrate and harm government assets. This advanced and unique approach successfully secures 80% of daily domestic credit card transactions, the Internal Revenue Service’s eFiling infrastructure and many other sensitive deployments.


    HP

    HP Fortify and HP WebInspect software product lines were previously approved by the program office and substantially included in the Task Order 1 Commodity purchase. Fortify and WebInspect together form a comprehensive product line supporting software security assurance, assessment, and protection needs. Capabilities include software code vetting, web application vulnerability testing, continuous web application monitoring, runtime software application protection, and a central tracking and reporting console called Software Security Center (SSC).

    HP IT Management Software solutions provide in-depth, robust infrastructure monitoring and management capabilities in a heterogeneous environment (vendor agnostic) in order to give an organization full visibility into its network and empower IT to manage and automate remediation efforts.

    The ArcSight solution provides a single pane of glass for threat identification, event correlation and compliance & vulnerability management. The robust framework of the ArcSight solution provides comprehensive support for ingesting and managing event data for real-time or historical analysis. These streamlined capabilities will be used to solve the complex issues in the majority of the task areas, specifically within the vulnerability management functional category. ArcSight deployments provide the ability to scan, aggregate and report on infrastructure vulnerabilities through our integration suite. Flexible integration and deployment options found in the ArcSight solution provide ease of use throughout the evolution of the customer’s IT environment.

    HP Security Research is the cornerstone of the TippingPoint Suite. The organization is focused on discovering zero-day vulnerabilities to enumerate and block vulnerabilities from impacting networked systems. The team of researchers and developers applies cutting-edge reverse engineering and analysis techniques to create comprehensive vulnerability decodes focused threat protection for customer networks and systems. The HP Security Research vulnerability database is one of the largest in the industry, proven through industry certifications and market research.


    IBM

    IBM Endpoint Manager combines endpoint and security management into a single solution that enables IT to see and manage physical and virtual endpoints including servers, desktops, roaming laptops and specialized equipment. As threats emerge, the software allows you to rapidly remediate, protect and report on endpoints in real-time. By automating time-intensive tasks across complex networks, they control costs while reducing risk and supporting compliance.

    IBM Security AppScan integrates the application lifecycle management processes to identify risk, facilitate timely remediation, and monitor the state of application security and risk over time. The AppScan portfolio combines advanced security testing with the strengths of the IBM Security application lifecycle management suite to enhance productivity through automation and accelerate better decision making throughout the development organization.

    IBM Cognos Business Intelligence Architect is an open, enterprise-class platform built on a service-oriented architecture. It capitalizes on your existing infrastructure, adapts easily to change and uses open standards for long term extensibility for business intelligence reporting.

    Mobility as a Service (MaaS) 360 is uniquely capable of providing continuous monitoring on a heretofore unaddressed segment of the CMaaS spectrum: Mobile Devices. MaaS360 provides comprehensive hardware, software, configuration and vulnerability information in real time from a variety of different smart devices and mobile operating systems.

    Infosphere Guardium is a solution for real-time database activity monitoring and protection. Existing information security solutions often leave databases vulnerable to advanced hacking techniques and insider attacks. Infosphere Guardium automatically monitors database transactions and can respond in real-time to access policy violations.

    QRadar Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, and configuration and vulnerability management. These products offer advanced threat detection, greater ease of use and lower total cost of ownership.


    Infoblox

    Why Infoblox for CDM? Until you know “in real-time” ALL hardware devices – authorized and unauthorized – connected to your network and where they are on your network with history, you cannot secure your devices and networks (HWAM for all devices). Infoblox is the market leader in Automated Network Control and our technology enables real-time automatic discovery of all devices, real-time network software asset management (SWAM for networks), real-time network configuration and change management (CM for networks), and real-time network policy compliance (VUL for networks). All are tightly integrated with Infoblox DDI solutions for critical network-control functions DNS/DNSSEC, DHCP, and IP address management (IPAM) for IPv4 and IPv6 devices and networks. Note that most civilian government agencies currently use Infoblox in some capacity within their agency for DDI today. Infoblox is a critical security cornerstone giving civilian agencies the power to not only control their network, but to secure and support initiatives like CDM. Just “another brick in the wall” protection against the constantly changing and dynamic threat environment of today and tomorrow.

    Automating Your Multi-vendor Network: 4 Keys to Cutting Cost, Controlling Risk, and Maximizing Productivity (PDF)  


    Oracle

    Oracle provides a comprehensive portfolio of security solutions from identity management to cyber security to encryption and provisioning, to help your organization safeguard information, resources and networks throughout the entire lifecycle, enterprise-wide, from the inside out.

    Resources will help your organization ensure security across the enterprise by:

    • Automating key processes, reducing audit cycles and dramatically lowering compliance costs
    • Securely enabling public, private and hybrid clouds, allowing you to choose the right approach for your organization
    • Safeguarding information against increasingly sophisticated attacks and unauthorized users
    • Ensuring that mission-critical information is visible, accessible, and understandable to all authorized users in a trusted environment at the right time, worldwide
    • Implementing a centralized Identity, Credential and Access Management (ICAM) roadmap to realize trust, interoperability, security and efficiency benefits


    Palo Alto Networks

    Palo Alto Networks Wildfire product addresses the full malware life cycle, which includes preventing infections, identifying zero-day malware (that is, malware that has not previously been identified by other antivirus vendors) or targeted malware (malware targeting a specific industry or corporation), as well as pinpointing and disrupting active infections. Palo Alto Networks Panorama product enables you to centrally manage the process of configuring devices, deploying security policies, performing forensic analysis, and generating reports across your entire network of our next-generation firewalls. Available as either a virtual appliance or a dedicated management platform, Panorama and the individual device management interfaces share the same web-based look and feel, ensuring workflow consistency while minimizing any learning curve or delay in executing the task at hand.


    Qualys

    The QualysGuard Platform core features allow one to employ a proactive vulnerability management program and processes that consist of the following lifecycle elements: Discovery, Asset Prioritization, Assessment and Analysis, Remediation Workflow, Verification, Compliance.

    QualysGuard Vulnerability Management (VM), Policy Compliance (PC) and Asset Management (AM) Modules provide Hardware and Software Asset Management through device discovery, authenticated vulnerability and authenticated policy compliance scanning.

    Using QualysGuard Policy Compliance (PC), an organization can reduce the risk of internal and external threats while at the same time providing proof of compliance demanded by auditors across multiple compliance initiatives. PC and AM Modules provide policy compliance against SCAP content, or industry standards, analysis through device discovery, authenticated/non-authenticated vulnerability scanning.


    RedSeal

    RedSeal continuously analyzes your network security infrastructure, identifying critical points of weakness, configuration flaws and compliance violations that can lead to breaches. This security gap intelligence is presented graphically and interactively. RedSeal shows you the highest priority gaps in the context of business groups, policy standards, network topology and overall business risk. This actionable intelligence puts you in control, focusing resources on the most important issues. The RedSeal Platform shows the paths into your network and to your most valuable assets, as well as the paths that could be used to take data out of your complex network. This lets you prevent cyber attacks from the inside out. RedSeal STIG Best Practice Checks automate applicable STIG checks on Cisco and Juniper network devices. The STIGs contain technical guidance to ‘lock down’ information systems/software that might otherwise be vulnerable to a malicious computer attack. RedSeal STIG checks ensure your devices remain in compliance with network policy.


    SailPoint

    SailPoint’s IdentityIQ (on-premises) and IdentityNow (cloud-based) solutions give agencies the means to tightly control access and protect critical assets, while quickly identifying and mitigating potential security risks. Granting and removing access in accordance with security and compliance guidelines can be an overwhelming challenge. To protect your organization against data breaches, theft, fraud, sabotage, and other security risks, you need a solution that helps you detect signal from noise. One that pinpoints risk from an ever-increasing amount of identity and access data and lets you deliver the right access at the right time, efficiently and cost effectively. SailPoint helps agencies proactively identify risks through the continuous monitoring of access control privileges and changes. Identity governance is achieved in the sense of knowing what users have access to and whether it’s appropriate for their job responsibilities. SailPoint utilizes an identity reference model that provides the consistent underpinning of policy and risk management to all identity management processes from access review, access certification, access request, and fulfillment.


    Sourcefire

    Sourcefire, now a part of Cisco, takes a new approach to security (and vulnerability management), one that quickly and effectively protects your environment against rapidly changing attacks. Designed to deliver Agile Security®, Sourcefire’s solutions, from industry-leading next-generation network security appliances to advanced malware protection, are as dynamic as the real world they protect and the attackers against which they defend.

    BEFORE an attack, defenders need comprehensive awareness and visibility of what’s on the extended network in order to implement policies and controls to defend it. DURING an attack, the ability to continuously detect malware and block it is critical. AFTER an attack, defenders need retrospective security: the ability to marginalize the impact of an attack by identifying point of entry, determining the scope, containing the threat, eliminating the risk of re-infection and remediating it. Detect a threat, confirm an infection, trace its path, remediate its targets and report on its impact.

    Extend network protection to cover all threat vectors – endpoint devices, mobile and virtual – by integrating with Sourcefire FireAMP, maximizing security and minimizing total cost of ownership (TCO).

    Gartner Magic Quadrant: Gartner has positioned Sourcefire® (Cisco) as a Leader in the “Magic Quadrant for Intrusion Prevention Systems.” Visit this link for more information.

    NSS Labs report: Sourcefire received a Recommended rating from NSS Labs in the industry’s most rigorous Breach Detection System test to date. You can obtain your free copy of the 2014 NSS Labs Breach Detection System Product Analysis for Sourcefire (Cisco) Advanced Malware Protection and the Security Value Map by visiting this link.


    Triumfant

    Triumfant’s Resolution Manager scans everything on the endpoint (all files, registry keys, services, ports, etc.), analyzes those scans nightly for malicious or unauthorized items, and remediates any problems or violations. A complete software inventory is automatically maintained daily in a database that is automatically managed and supports imports and exports to other tools. The authorization of applications is automatically analyzed daily. But the key differentiator for Triumfant is that anything in that inventory that is malicious or unauthorized, including zero-day malware, browser plugins, peer-to-peer applications, or unauthorized versions of authorized applications, can be remediated fully automatically.

    This core capability of Triumfant extends beyond applications to any configuration of the endpoint. The inventory mentioned above includes patches, applications, files, registry keys, ports, services, etc. The inventory is analyzed nightly, not only for malicious or unauthorized applications, but also for violations of baseline (e.g., USGCB), mis-configurations caused by malware or maliciously-intended insiders or naïve users, or corrupted configurations. But again, the key differentiator for Triumfant is that anything detected as a problem or violation can be remediated fully automatically.


    Trustwave

    Trustwave’s Managed Security Service offers a variety of customer support packages to accommodate your IT environment and budget; Trustwave will help you select the most cost-effective support package for your environment. Our secure Web portal allows MSS customers to submit security change requests, questions or any other issues to the Trustwave Secure Operations Center (SOC) in a secure SSL encrypted manner. All support issues are tracked via an internal ticketing process. Every ticket is categorized by the type of issue, prioritized according to the severity of the issue and then assigned to the proper level of support personnel. If a particular issue requires additional attention, thoroughly defined escalation procedures ensure every issue is addressed by an appropriately.

    Trustwave MSS is designed to support most Trustwave Products as well as many other 3rd party products, including but not limited to: Intrusion Detection (IDS), Intrusion Prevention (IPS), File Integrity Monitoring (FIM), SIEM, Network Access Control (NAC), Secure E-mail (mailMAX), Two-Factor Authentication, Unified Threat Management (UTM), Vulnerability Scanning (VS), Web Application Firewall (WAF), and Encryption.

