Denim Group, the leading independent application security firm, today announced AFWERX awarded them a Phase II Small Business Innovative Research (SBIR) contract to accelerate the Air Force’s approval to operate process (ATO) and provide operators mission critical software more quickly. Through issuing the Phase II contract — following a Phase 1 contract issued in January — the Air Force has identified ThreadFix as having sustained potential to advance the software development lifecycle and support the continuous accreditation processes needed to achieve mission readiness.
“The award of a Phase II contract by the Department of Defense and the Air Force demonstrates how important software assurance and operational approvals are to our defense mission,” said Denim Group Principal and former Air Force cyber officer John Dickson. “Through the use and implementation of ThreadFix within their DevSecOps pipelines, we are able to assist with the building and deployment of better software more rapidly, to quickly achieve Authority To Operate and get new capabilities in warfighters’ hands.”
Applications of commercial technologies, such as ThreadFix, are critical to achieving defense mission priorities. Defense and intelligence organizations have used ThreadFix for almost 4 years to automate capability development. It is also used to support the creation and updating of applications, having been implemented into the Risk Management Framework (RMF) and Assessment and Authorization (A&A) processes. ThreadFix operates as part of the DevSecOps pipeline assuring a reduction in time from development to deployment of critical software, reducing delays within the accreditation process by up to 24 months.
In order to better support Air Force software factories and programs that perform DevSecOps functions for operators, capabilities have been added to ThreadFix over the course of both SBIR Phase I and II contracts. Denim Group has worked with various innovative Air Force programs to drive continuous software delivery, feedback and learning. The need for agility and responsiveness within environments that have traditionally struggled to keep pace with modern development approaches will only continue to increase, and Denim Group is committed to support this evolution.
For additional information about SBIR please see the Airmen Guide to SBIR here.
About Denim Group
Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.