Imperva, Inc.’s [IMPV] Imperva SecureSphere Web Application and Database Firewalls, respectively, were selected for inclusion into the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) Tools/Continuous Monitoring as a Service (CMaaS) Blanket Purchase Agreement (BPA), the company said Tuesday.
The CDM program is meant to fix problems within the network perimeters of federal agencies in near-real-time. Whereas the EINSTEIN program guards the perimeter of an agency network like a gateway and perimeter fence scanners, the CDM program monitors within a network for vulnerabilities and suspicious behavior once a bad actor may have breached the perimeter.
Imperva was selected for inclusion in Phase 3 of DHS’s CDM program. Phase 1 coveved basic security monitoring services and managing assets. Phase 2 monitors network users to ensure they do not engage in unauthorized activity with a focus on identity management, managing accounts for people, and services. Phase 3 plans to access activity within networks to identify anomalies and alert personnel.
Imperva is the latest addition to a series of BPAs previously awarded to 17 industry partners who also include Booz Allen Hamilton [BAH], IBM [IBM], Leidos [LDOS], Lockheed Martin [LMT], and Northrop Grumman [NOC].
Imperva’s addition allows federal agencies covered under CDM to use the BPA to utilize Imperva products to analyze user access to web applications and protect applications and databases from cyber attacks, data loss, and theft.
“This selection is a testament to the depth of our experience spanning thousands of installations across civilian and defense agencies, and global enterprises. We will use the CDM program to make it even easier to apply our proven solutions and expertise to protect the mission-specific critical data and applications of federal agencies,” Mike Mooney, chief revenue officer at Imperva, said in a statement.
“The federal market is extremely important to us, and we are pleased to be included in the CDM program to help government agencies transform the way they protect our nation’s data and applications,” Bill Goodson, federal government area vice president at Imperva, added.
The CDM BPA is also available to state, local, and tribal government entities.
Andy Ozment, assistant secretary for Cybersecurity and Communications at DHS, last week said that the first phase of CDM was fully awarded and about half of the work for phase two has been awarded. Phase three funding is proposed in the FY ’17 budget request to Congress, which also includes the start of phase 4, aiming to provide capabilities to protect the highest value assets of agencies (Defense Daily, Aug. 25).