ObjectSecurity Awarded $2.5M Government Contract for Automated Vulnerability Assessor

VAPTBOX screenshot

VAPTBOX screenshot



ObjectSecurity is Using Artificial Intelligence to Improve and Automate Vulnerability Assessment for the DoD

The award of this Phase II SBIR grant is an important milestone for ObjectSecurity and underscores the strength of our science innovation that underwent rigorous peer review.”

— Dr. Ulrich Lang, CEO

SAN DIEGO, CA, US, January 28, 2020 /EINPresswire.com/ — San Diego, Calif. – 1/28/2020 – ObjectSecurity, The Security Automation Company, today announced that it has recently been awarded a $2.5 Million Phase II Small Business Innovation Research ("SBIR") grant from the Navy to advance the capabilities of the US Department of Defense (DoD). Entitled "Red Team in a Box for Embedded and Non-IP Devices", the Phase II SBIR investment will help fund the development of an automated cybersecurity vulnerability assessment and penetration testing (VAPT) system. A core objective is to overcome the limitation of human red team resources for conducting vulnerability assessments on DoD systems, in particular, cyber-physical systems.

The $2.5M SBIR technology investment will help fund a portable, easy-to-use, automated vulnerability scanning solution to effectively and efficiently assess the cyber security posture of embedded devices. In Phase I, ObjectSecurity successfully developed a working proof of concept of the automated technology, supporting extracting the embedded device firmware via embedded systems ports (JTAG, UART etc.) followed by software vulnerability analysis beyond traditional signature-based assessments. The automated technology uses deep learning to intelligently and adaptively choose the best course of action, which ObjectSecurity researched as part of another prior SBIR contract that focused on traditional enterprise networks.

“The award of this Phase II SBIR grant is an important milestone for ObjectSecurity and underscores the strength of our science innovation that underwent rigorous peer review. It allows us to prioritize research efforts into needed features for the DoD," said Ulrich Lang, CEO of ObjectSecurity. "SBIR contracts allow us to research and develop advanced concepts that feed into rapid product development, enabling us to commercialize next-generation innovative products that will bring tremendous value to the DoD, and our customers across all industries. We are committed to leading this initiative with the DoD to protect DoD’s embedded systems from adversaries by delivering advanced next-generation technology solutions."

“By orchestrating a raft of vulnerability assessment and penetration testing technologies that were originally designed for manual use by human experts, our solution will be usable by non-experts”, said Edward Hackbarth, Senior Software Engineer at ObjectSecurity. “Deep learning allows the solution to learn and adapt over time like a human vulnerability assessor would”, adds Ulrich Lang, CEO of ObjectSecurity.

The federally-funded Small Business Innovation Research (SBIR) program is a highly competitive program that encourages domestic small businesses to engage in research and development that has significant potential for commercialization of innovative products, and their eventual transition into DoD programs. The program’s chief role is to bridge the gap between the performance of basic science and the commercialization of resulting innovations.

About ObjectSecurity
ObjectSecurity LLC is The Security Automation Company. A privately held company based in San Diego, CA, ObjectSecurity’s mission is to reduce cybersecurity effort, complexity, and cost through innovative cybersecurity automation technologies, including security policy automation, supply chain risk analysis automation, and vulnerability assessment automation.
1) Supply chain risk analysis automation: ObjectSecurity SCRAMS analyzes procurement data and microelectronics for supply chain risks. In 2019, we added analysis support for SAP, and circuit board risk analysis as a finalist at an AFWERX Challenge.
2) Security policy automation: ObjectSecurity OpenPMF offers powerful yet manageable technical security policy implementation. In 2019, we improved user and dev experience, and increased the reach of our consistent "umbrella" platform – covering people, process, tech layers, and policies (ABAC & more). ObjectSecurity was selected “Cool Vendor” by Gartner for OpenPMF
3) "AI hacker" automation: ObjectSecurity VAPTBOX, an ongoing commercialization of the just-funded SBIR Phase II, is an intelligent automated vulnerability assessor and penetration tester that uses artificial intelligence to adapt. In 2019, we received a multi-million, multi-year government investment to fully develop VAPTBOX.

More information:
1. Company: https://objectsecurity.com
2. Team: https://objectsecurity.com/team
3. VAPTBOX: https://objectsecurity.com/vaptbox
4. OpenPMF: https://objectsecurity.com/openpmf
5. SCRAMS: https://objectsecurity.com/scrams

Martijn Kolenbrander
Chief Marketing & Sales Officer
ObjectSecurity LLC
1855 1st Ave #103
San Diego, CA 92101

Ulrich Lang
ObjectSecurity LLC
+1 650-515-3391
email us here
Visit us on social media:

ObjectSecurity VAPTBOX demo video

Source: EIN Presswire