By Bob Gourley
PALO ALTO, Calif. — HP today announced the U.S. Department of Homeland Security (DHS) has awarded the company a cybersecurity contract worth up to $32.4 million—the largest acquisition of software security assurance tools worldwide—under the DHS Continuous Diagnostics and Mitigation (CDM) government-wide Blanket Purchase Agreement (BPA).
HP captured the largest portion of the first task order awarded under the DHS CDM program to provide software security product licenses for 33 U.S. federal civilian government agencies.
The original $6 billion CDM BPA, awarded in August 2013, includes 17 vendors. Developed in response to the expanding landscape of cyber threats, the DHS CDM program was established to enable government agencies to cost-effectively identify and mitigate network, system and software vulnerabilities. The five-year, multi vendor program is designed to help the government address the rising volume and complexity of cyberthreats.
“In today’s technology-based society, there is nothing more important than protecting our nation’s cyberspace so citizens will have continuous and secure access to services,” said Al Kinney, vice president,Cybersecurity Solutions Group, U.S. Public Sector, HP Enterprise Services. “As one of the first companies to begin work under the CDM program, HP is well positioned to help agencies enhance their security arsenal by performing analysis, reporting and threat mitigation on their core software assets.”
With cyber criminals working harder and smarter to gain access to sensitive data, organizations must stay ahead of evolving threats and take proactive steps to facilitate the security of mission-critical applications. Under this award, HP will provide licenses for two industry-leading enterprise security solutions that will be used to address the application security requirements with the CDM program,including:
- HP WebInspect, an automated web application security and penetration testing tool, mimics real-world hacking attacks and will enable agencies to thoroughly analyze their complex web applications and services for security vulnerabilities.
- HP Fortify Static Code Analyzer (SCA) scans source code to identify the causes of software security vulnerabilities, then correlates and prioritizes results, giving agencies guidance to close security gaps at the code level.
More information about HP Enterprise Services’ government business is available at www.hp.com/enterprise/government. Additional information about HP Enterprise Security Products is available at www.hpenterprisesecurity.com.
HP’s premier annual government client event, HP Software Government Summit, takes place April 2 in Washington, D.C.