UPGRADE Teaming Profiles

Thank you for showing an interest in ARPA-H’s Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE ) program. This page is designed to help facilitate connections between prospective proposers. If your organization is interested in teaming, please submit your information via the form below. Your details will then be added to the list below, which is publicly available. 

UPGRADE anticipates that teaming will be necessary to achieve the goals of the program. Prospective performers are encouraged (but not required) to form teams with varied technical expertise to submit a proposal to the UPGRADE solicitation. 

UPGRADE Teaming Profile Form

Please note that by publishing the teaming profiles list, ARPA-H is not endorsing, sponsoring, or otherwise evaluating the qualifications of the individuals or organizations included here. Submissions to the teaming profiles list are reviewed and updated periodically. 

Teaming Profiles List

To narrow the results in the Teaming Profiles List, please use the input below to filter results based on your search term. The list will filter as you type.

ContactOrganization Name (Contact) (Contact)Email (Contact) (Contact)LocationDescription of Research Focus AreaDescription of Teaming PartnerTechnical Areas
Wesley VeitchGooglewveitch@google.comReston, VAGoogle SecOps Services Summary:  Chronicle SIEM (cloud native), Chronicle SOAR (Cloud native) Security Automation orchestration and response, Google Threat Intelligence - threat insights across Mandiant, Virustotal, and other Google technologies,  Mandiant Solutions + Threat Assess Consulting Services & Triage.  
Cloud Security and risk management for multi-cloud environments:  Fusion of cloud security & Enterprise security operations supercharged by Mandiant Expertise & Gemini AI @ Google Scale		Google Public Sector - Cloud security is open to work with prime contractors positioned to supplement Google capabilities.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Trent BrunsonTrail of Bitstrent.brunson@trailofbits.comBrooklyn, NYTrail of Bits is an NYC-based firm researching and building automated software vulnerability detection and patching tools. We focus on low-level technologies for binary lifting, static and dynamic analysis, source code analysis, and automated patching techniques.Trail of Bits seeks academic and industry partners interested in publishing and open-sourcing. While our office is in NYC, we can support partnerships throughout the US, as we are primarily a remote company.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
william yurcikCMSwilliamyurcik@cms.hhs.govBaltimore, MDautomated detection of vulnerabilities across all usa hospitalsto be discussedTA3: Automated Vulnerability Detection
Robert McGrawRAM Laboratories Inc.rmcgraw@ramlabs.comSan Diego, CARAM Laboratories has developed machine learning tools and technologies that automatically detecting and generate patches for vulnerable source code. We have also developed a variety of vulnerability detection solutions that combine instrumentation, fuzzing, machine learning and concolic execution to detect and classify vulnerabilities in compiled binaries.RAM Laboratories is looking for a teaming partner with expertise in medical devices and applications.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Vidya MurthyMedcryptvidya@medcrypt.coSan Diego, CAVulnerability management, with particular focus on automating remediation identified as a result of applicable vulnerability matching is our area of research focus.   Additionally, we are seeking to explore application of LLM to automate vulnerability remediation determination and upgrades/patches as well.Given our focus on vulnerability management, having a partner for consuming our findings is a natural synergy we'd like to explore.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Kyle DickersonV Consulting Serviceskyle@yourvcs.comAtlanta, GAOur research focus area is on AI and how it can be used to improve detection, response, and remediation of vulnerabilities.Ideally we would like a partner that also has a strong focus on AI. A secondary focus on patch management and incident response.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Eric SmithCyber Stoics, LLCeric.smith@cyberstoics.ioPhiladelphia, PAAutomated detection and remediation of covert security issues in Active Directory and Azure Active Directory (Entra ID) IAM systems.Implementation and ScalingTA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Toby GoukerFirst Health Advisorytgouker@firsthealthadvisory.comScottsdale, AZFirst Health Advisory has depth, breadth and longevity with healthcare delivery organization patch management and general vulnerability management program development, implementation and management as a service.Looking for tools to increase the level of automation for our teams.TA4: Automated Remediation Development
Sher BaigCyber Salussher.baig@cybersalus.comBoca Raton, FLWe are focused on actionable remediations, vulnerability management, access management, threat detection, digital twin solutions and cloakingSBOM inventory and digital twinTA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation
Mark McCourtViakoo, Inc.mark.mccourt@viakoo.comMountain View, CAAutomated device discovery at the application level to identify physical location; device cyber hygiene to remediate vulnerabilities at scale with Firmware, Certificate, and Password IoT device management products. The outcome combines network and application discovery data to speed remediation and repatriation to the network.Device discovery/visibility and vulnerability assessments through network monitoring and device behavior enabling enhanced integration with Viakoo's application discovery and remediation capabilities.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Chanh TrinhMyRxWallet Corporationchanh@myrxwallet.appLas Vegas, NVOur research focuses on leveraging Web3 blockchain technology to enhance hospital cybersecurity. This involves developing a semi-autonomous platform for real-time vulnerability assessment, automated threat detection, and seamless patch deployment. Our goal is to minimize operational disruptions and safeguard patient data through proactive, scalable, and synchronized security updates.MyRxWallet Corporation specializes in integrating Web3 blockchain technology with healthcare systems. Our expertise includes secure patient data management, automated vulnerability assessments, and seamless patch deployment. By leveraging blockchain’s immutable ledger, we ensure real-time, tamper-proof cybersecurity solutions that protect hospital infrastructure and patient information, aligning with the goals of the UPGRADE program.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Tres LeonardWabash General Hospital Districtnleonard@wabashgeneral.comMount Carmel, IL802.1x Wired/Wireless - MicrosegTechnical LeaderTA3: Automated Vulnerability Detection
Faye FarahCDW-Gfaye.farah@cdwg.comMcLean, VAAdvanced auditing with AI Behavior Analysis, Detection, and Response to all threat levels including those monitoring the security of the solution.we provide the technology and the solution, looking for a partner to implement and maintain in partnership with us.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation
Ryan MelissinosNova Microsystems Inc.Rmelissinos@novainc.coFairfax, VANova Inc. focuses on AI-driven SIEM technology with automated event responses, as well as proprietary quantum-resistant encryption technology for data at rest.Prime or subs that our offerings complement.  Those with the lack of capabilities to address data-at-rest.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Nick MistryLineajenick_mistry@lineaje.comSanta Clara, CAAI based Automated Vulnerability Remediation Through Forking and Branching Unfixed Open-Source Vulnerabilities.Partners with experience developing software especially open-source softwareTA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Michael SheppardCommand Center Inc.msheppard@command-center.ioOrlando, FLAutonomous Cybersecurity with Command Center, an AI-Driven, semi-autonomous, Cybersecurity Threat Mitigation platform that eliminates cybersecurity risk providing 360 degree visibility for all vulnerable assets and data, providing Real-time identification & auto-remediation of all cybersecurity vulnerabilities, automated Prevention of Risk throughout equipment/tools lifecycle, Automated Risk Posture Improvement for assets, Real-time Protection of all assets and data and Compliance Enforcement.Expertise around hospital specific equipment, processes, data, tools, personas, service providers, etc.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
Veeraj MehtaPuzzlveerajm04@gmail.comSan Francisco, CAOur initiative explores procurement orchestration, management, and automation to mitigate cyber risks from vendors in healthcare. Our research & building will focus on developing tools like comprehensive security reviews to evaluate vendors' posture, track users' access, and integrate with exclusion/risk lists like OIGs. This should protect users across a majority of high-risk vendors. Lastly, research will include AI phishing training with advanced analytics to focus on high-risk members.We're looking for teams with experience with large health systems/organizations to ensure our solutions succeed in organizations with multiple business units nationwide. We prefer partners that are fast movers with low bureaucracy, like us.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation
Duncan ThomasInnoculatorDuncan@innoculator.comWashington, DCInnoculator is developing an AI powered Auto remediation platform for Vulnerability management and mitigation. This is an Agentless, OS agnostic based solution. We are HQ'ed in Australia (Melbourne) but looking to US expansion.Innoculator is developing 2 of the 4 requirements , and we can incorporate the Automated Vulnerability Detection into that roadmap, however we would need a teaming partner for the "Hospital Equipment Emulation" portion in order to provide a complete solution.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection
Jim PietrociniKBRjim.pietrocini@us.kbr.comCarlsbad, CATeaming around prototyping/research around zero trust principles and implementing continuous monitoring and observability around health care networks and devicesTechnology partners focused on "observability" and "zero Trust" (i.e. Elastic, Cribl, Zscaler, Dragos, etc)TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Christopher StricklanKraetonics, LLC.chris@kraetonics.comWest Melbourne, FLVulnerability mitigations by patching libraries in-situ.TBDTA4: Automated Remediation Development, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection
Elizabeth StephensDBS Cyber LLCelizabeth@dbscyber.comNashville, TNFocusing on leveraging AI powered predictive analytics to proactively identify and mitigate cyber risk.  By integrating advanced machine learning algorithms into our risk platform, we aim to quantify the impact on early threat detection, accurate attack vector prediction, and proactive mitigation strategies.  Our research measure the effectiveness of the predictive models in reducing the number and severity of incidents, ultimately enhancing operational resilience and demonstrating the ROI of AIThreat Intelligence Vendors: Partnering with companies that specialize in collecting and analyzing threat data would enrich our platform's intelligence and improve its ability to identify emerging threats.  Critical Infrastructure Operators: Sectors like energy, healthcare, and finance could benefit greatly from your proactive threat mitigation capabilities due to the high stakes involved in cyberattacks.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Chad CaisonSix24 Cyber Labsccaison@six24cyberlabs.comCatonsville, MDSix24 Cyber Labs primary research effort if the fusion of AI systems with traditional offensive systems. We have deep understanding of the offensive cyber processes and develop tools used in red team engagements. We leverage our expertise and train RL algorithms to automated complex cyber processes, enabling customers to continually assess their network between costly human red team engagements.Six24 Cyber Labs comes from offensive and defensive cyber operations backgrounds. We currently do research and development of AI and red team (offensive) cyber systems under two DARPA programs. On DARPA's CASTLE program (PM Tejas Patel)  we are developing an AI system that  is trained to perform at the various technical levels of an APT and map all possible attack paths within a given network.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Chad CaisonSix24 Cyber Labsccaison@six24cyberlabs.comCatonsville, MDSix24 Cyber Labs comes from offensive and defensive cyber operations backgrounds. We currently do research and development of AI and red team (offensive) cyber systems under two DARPA programs (SMOKE, CASTLE). On DARPA's CASTLE program we are developing an AI system that  is trained to perform at the various technical levels of an APT and map all possible attack paths within a given network.We would like to partner with folks who are expertise in the hospital equipment emulation and automated remediation platform. We believe with out background and existing R&D systems under DARPA programs, we will be strong partners for automated vulnerability detection, and vulnerability mitigation.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Alan SnyderNowSecureasnyder@nowsecure.comVienna, VAAutomatically and continuously identify vulnerabilities and data privacy issues in Mobile Apps associated with the delivery of care and IoT devices in the hospital. The solution is simple, easy and fast. It does not require source code, examines all 3rd party components, can be used during development or can be used for 3rd party apps in the app stores. It includes detailed remediation instructions to find and fix fast. It is already being used by leading Hospitals and Health Care providers.Ideal teaming partners are:
-  Medical Device manufacturers that need to secure the mobile apps connected to their devices
-  Vulnerability Management companies that need to address the mobile app attack surface		TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Manu FontaineHushmesh Inc.manu@hushmesh.comFalls Church, VAWe're the public benefit startup developing the Mesh, a global information space, like the Web, but with automated cryptographic security and universal zero trust built in. We solve (zero) trust across domains for all types of entities: people, orgs, digital things, and physical things.TBDTA4: Automated Remediation Development
Jonathan Ben-JosephTensorSpace, Inc.jj@tensorspace.aiMiami, FLmachine learningTensorSpace is an AI/ML consultant firm that has a history of developing quality open source software. We can lend our help to this program.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Michael BrownTrail of Bitsmichael.brown@trailofbits.comNew York (HQ, company is fully remote), NYTrail of Bits primary research areas are in automated, semi-automated, and AI/ML-driven techniques for vulnerability detection and remediation in critical systems. We specialize in creating open-source tools that perform bleeding-edge software analysis.Primarily looking for a teaming parter with experience with healthcare systems and digital twins.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Andrea DowningThe Light Collectiveandrea@lightcollective.orgEugene, ORWe focus on banned tracking technologies that have sparked unprecedented breach notifications from health systems, and other HIPAA Covered entities.  We developed a fit-for-purpose solution for health delivery organizations to scan for, and remediate banned tracking technologies (Notice: https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/hipaa-online-tracking/index.html).Healthcare Delivery Organizations to test & pilot our solutions for tracking technology remediation.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Greg CullisonQWERX, Inc.greg@qwerx.coVienna, VAQWERX Enterprise Secure Perimeter (QESP) is a cybersecurity software as a service (SaaS) providing Dynamic Machine Identity Management using chaotically generated quantum-proof ephemeral keysnetwork asset identification, Healthcare IoT manufacturer, systems integrator, AI/ML-driven threat intelligenceTA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Denis GopanGrammaTech, Inc.gopan@grammatech.comNew York, NYGrammaTech is a provider of advanced cybersecurity services and leading developer of software-assurance solutions. Our expertise covers threat detection and mitigation, malware analysis, machine learning and automation, attack surface reduction, and software supply chain integrity. Specifically for UPGRADE, we can provide capabilities for building digital twins of cyber-physical (medical) devices, automated vulnerability discovery, and software binary transformation (for attack mitigation).We are looking for partners with hands-on expertise of analyzing and securing individual medical devices as well as larger medical installations.TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA4: Automated Remediation Development
Rodney GainousSaferodney.gainous@gmail.comLos Angeles, CAPhishing prevention, Encrypted Communication, and Data ProtectionWe're looking for partners with security researchers that have a strong technical background building software and hardware.TA1: Vulnerability Mitigation Platform
Neil SeitzWIZneil.seitz@wiz.ioReston, VANAWIZ is looking for teaming partners that Integrate the entire required solution and services.  WIZ is a Cloud Native Application Protection platform (OEM) built on the cloud for the cloud.  We would like to team with Integrators looking to fulfill any requirements around securing the cloud environment and prioritizing risk in the cloud infrastructure.TA3: Automated Vulnerability Detection
Dwayne WashingtonExpediteInfoTech, Inc.dwashington@expediteinfotech.comRockville, MDTBDTBDTA1: Vulnerability Mitigation Platform
Brian GarmeyNucleus Securitybgarmey@gmail.comSarasota, FLNucleus is a multi tenant platform that automates risk-based vulnerability management by centralizing vulnerability and asset data from any source tool (vulnerability scanners, CSPM, ASPM, ASM, manual testing and more) into one dashboard. Nucleus integrates threat & vulnerability intelligence, with business context, to prioritize vulnerabilities based on organizational risk. Nucleus then automates remediation processes, greatly reducing time and effort needed for vulnerability mitigation.Nucleus is seeking an integration and professional services partner to manage the Nucleus platform in support of this mission to provide vulnerability management and remediation automation for the constituents being served.TA1: Vulnerability Mitigation Platform
Russell AnderssonRapidFort, Incruss@rapidfort.comSan Francisco, CARapidFort is a next-generation vulnerability remediation platform.  RapidFort instruments software to understand which components are required to run. It then provides tooling to remove the unused code and prioritize patching. The results ... 80% reduction in patching burden, reduced code sizes of 78%, faster boot times of 300%, and engineering overhead savings in the range of 5% to 12%. Game-changing savings.  In addition, RapidFort includes a SBOM warehouse patching prioritization platform.RapidFort is largely focussed on cloud workloads but is seeking partners to focus on the IOT and device segments of healthcare infrastructure.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Gary HamiltonAssured Information Security, Inc.hamiltong@ainfosec.comRome, NYAIS is a longstanding performer with more than 23 years' experience in vulnerability assessment, vulnerability mitigation, cyber operations, cybersecurity, and virtualization and emulation technologies, test and evaluation, and challenge curation expertise. This experience includes evaluator and challenge curation roles under DARPA AMP, HACMS, V-SPELLS, and other programs. AIS possesses experience assessing security of medical device technologies, as well as a wide range of other platforms.AIS seeks partners with a variety of complementary skillsets to augment existing team expertise in automated vulnerability detection and patching.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Prudence VincentIdaho Health Data Exchangepvincent@idahohde.orgBoise, IDThe research focuses on developing automated remediation and hospital equipment emulation solutions leveraging IHDE's HIE platform. We aim to provide a real-time backup solution for hospitals, and clinics by enabling automatic cutover from their EHR. It also allows recovery of images and information from medical equipment for restoration.  The goal is to enhance system resilience, ensuring seamless operations during outages and minimizing data loss through backup and recovery mechanisms.We seek a partner skilled in AI tools, automatic cutover solutions, encryption, system preservation, and cutover technologies. Partners should have expertise in HIE cybertools to mitigate risks associated with backup solutions. They should be able to integrate advanced AI to automate and streamline the cutover process, ensuring minimal disruption. Their solutions should enhance system resilience, ensure continuity of care, and encrypt sensitive healthcare data during system transitions.TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Frank ZinghiniApplied Visions, Inc.frank.zinghini@avi.comNorthport, NYSecurity of embedded systemsWe provide deep expertise in software and hardware engineering of systems, including medical devices, and a thorough understanding of security issues related to such systems. We are not looking to prime, but can be a valuable member to a team.TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Mark WhiteheadNday securityAdmin@ndaysecurity.comDover, DENday has a proprietary platform called attackN that could fill in TA1 and TA3.Organizations that could fill in TA2 and potentially TA4TA1: Vulnerability Mitigation Platform
Jacob SchrothNTT DATA North AmericaJacob.Schroth@nttdata.comMcLean, VA1 - Physics and Informatics; 2 - Cryptographic & Information Security; 3 - Medical & Health InformaticsWe are looking for a collaborative partner with both technical expertise and an "innovation-first" mindset. We value collaboration, and believe in order for a program to thrive, it must value the People who support it. We value specialized knowledge and a deep understanding of various domains within the Cybersecurity & Health IT fields, as well as an ability to collaboratively exhibit this expertise and apply it to solving real-world challenges.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Howie HuangCybermonichowie@cybermonic.comMcLean, VACybermonic is an early-stage startup providing AI-powered software for automated cyber threat detection. Leveraging advanced graph AI that harnesses machine learning techniques tailored to graph data structures, Cybermonic provides actionable insights into the interconnected nature of cybersecurity data. Cybermonic’s research and design collaborations extend to prestigious entities such as DARPA, the Department of Defense, and various commercial organizations.We are looking for teaming partners with complementary expertise and experience, especially in vulnerability mitigation.TA3: Automated Vulnerability Detection
Erin JoeGoogle CloudErinJoe@Google.comReston, VASecurity Operation Capabilities, AI, LLMs for health and securityPMs and personnel to assist with solution integrationTA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
Shantanu RaneSRIshantanu.rane@sri.comPalo Alto, CAWe work in the area of distributed system security, and have background in configuration security for IoT systems.We are looking for partners from the healthcare industry who are familiar with hospital operations and can help us articulate and address the impact of security configurations and upgrades on day-to-day functioning of hospital equipment.TA4: Automated Remediation Development
Scott SchnorrenbergEnQuantascott@enquanta.ioEden Prairie, MNEnQuanta is a suite of software products built on our patent-pending quantum cyber resilience solution. It is seamlessly incorporated into IT systems to protect your digital assets in transit or at rest against both current and future cyber threats, including those posed by quantum computing and AI. Our protection is unbreachable by the sophisticated techniques of today's top hackers, as well as future quantum computing, rendering your data useless to your adversaries.EnQuanta is looking for teaming partners that can fully address Technical Capability 2 (Hospital Equipment Emulation) and Technical Capability 3 (Automated Vulnerability Detection). While we can partially address Technical Capability 4 (Automated Remediation Development), we are looking for partnerships to fully address this capability.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Kinnaird McQuadeNightVision Securitykinnaird@nightvision.netArlington, VANightVision's automated Application Security Testing scans code before simulating attacks & tracing exploitable vulnerabilities back to the line of code. Our current research focus areas include: (1) Using AI on top of our current analysis capabilities to generate more customized payloads for max effectiveness. (2) Integrating with the snapshot analysis process for CSPM providers like Wiz and Palo Alto to automatically map out APIs & rapidly scale out AppSec testing across cloud environments.NightVision (specializing in automated vulnerability detection of 1st party code, applications, and APIs) would like to partner with organizations who can fulfill other components of the UPGRADE mission aside from TA3. An ideal fit would be ASPM/CSPM partners where we can verify exploitable vulnerabilities and aggregate into their platform, improving a healthcare organization’s ability to detect and respond to vulnerabilities in their applications and APIs.TA3: Automated Vulnerability Detection
Vijay MadisettiGeorgia Techvkm@madisetti.comAtlanta, GAWe are looking at new approaches to detect and remediate cyberattacks and develop defenses, with focus on healthcare organizationsPartners who have existing links to healthcare organizations and agencies.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Fish WangArizona State Universityfishw@asu.eduTempe, AZThe expertise of our current team focuses on cybersecurity, especially the rehosting and emulation of embedded software, automated vulnerability discovery, and automated vulnerability mitigation and software hardening.We are looking for partners with expertise in medical devices and real-world hospital environments.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Sven Cattellnbhd.aisven@nbhd.aiRemote, MDWe ingest unlabeled samples and finds subtle anomalies in the data feed that are indicators of compromise.An anti-virus company with a enterprise malware detection model.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Bill BiermanOceanitbbierman@oceanit.comHonolulu, HISimulation, vulnerability detection and remediation in cyber-physical systemsWe are looking for partners with practical penetration testing experience, and hospital equipment simulation experience.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Richard DavisQeros, Inc.rdavis@qeros.ioAustin, TXImmutable, ransomware, and post-quantum cryptography ready private, trusted networks based block-DAG (blockchain like architecture) to enable the exchange and storage of sensitive data.We address multiple cybersecurity and regulatory requirements in a "hub and spoke" fashion, where our storage and collaboration (sharing) environment is the hub that provides an immutable, permissioned, collaboration environment.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Lovina McMurchykry10 Corporationlovina@kry10.comSeattle, WAProvably secure operating system for smart machines and connected devicesKry10 offers a secure OS which can either be embedded into new devices or used as an appliance for legacy devices. We are a secure by design system that removes up to 98% of all critical vulnerabilities due to the use of formal methods. It provides a provably secure software foundation, provably secure isolation between software applications and a provably secure update service.TA1: Vulnerability Mitigation Platform, TA1: Vulnerability Mitigation Platform
Nick MistryLineajenick_mistry@lineaje.comSanat Clara, CAWe discover 170 dimensions of risk including risk of tamper (e.g. SolarWinds) and perform remediation including forking/branching open-source code to fix vulnerabilities using AI.Systems integratorsTA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Jim BleilerPhosphorus Cyber Securityjim.bleiler@phosphorus.ioNashville, TNIoT and OT discovery-Patching-Monitoringservices organizationsTA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
David KovarURSA Inc.dkovar@ursasecure.comExeter, NHCurrently on DARPA SBIR Phase II contract to research semi-automated firmware analysis and patching. Also developed cross binary code similarity capability with potential application to vulnerability assessment.Seeking partners with track record of successful collaboration that can complement our capabilities.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Timothy ChouBevelCloudtim@bevelcloud.ioMarina delRey, CAWe have developed a distributed edge cloud service, which is architected to twin to every healthcare machine in the hospital. Thru edge data services applications can know the current patch level of any machine in the hospital network to enable create multi-le vulnerability applications as well as remediation apps. Furthermore a routing application could be built which would allow control of communications both inside the hospital zone as well as outside. We also have 8 hospitals.Looking for security application expertise to leverage the platform to accomplish the UPGRADE Goals. We engineered the platform focused on building distributed real-time, privacy preserving AI applications, which has been most of our focus.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection
Michael MehlbergDark Sky Technology, Inc.michael.mehlberg@darkskytechnology.comFort Collins, CODark Sky Technology is securing the world of software that powers our nations' most critical systems, devices, and applications by identifying malicious threats, untrusted code, and cyber attacks in open-source software. Our advanced analytics on open-source packages protects the software supply chain and enables our customers to deploy secure, reliable, trusted software with confidence. Finally. Trust in Open Source.We are looking for partners who would be able to leverage our software supply chain threat intelligence and assurance platform to uncover threats, discover vulnerabilities, and measure risk in the systems and software objectives of this solicitation.TA3: Automated Vulnerability Detection
Theodore RyersonDCI-Solutionstryerson@dci-solutions.comAberdeen Proving Ground, MD 21005, MDCyFormer: A network Intrusion Detection System (IDS) that leverages Artificial Intelligence (AI) to perform anomaly detection and reporting. Our software model requires no threat intelligence and no signature or rule-based methods. The model creates a pattern of life for network traffic and will alert when network behavior is outside (anomalous) the normal behavioral baseline. Alerts present in our user interface or can be sent to existing Security Information Event Management (SIEM) systems.We are looking for teaming partners to collaborate with in providing a layered solution where our software is a piece of the overall solution. Strategically teaming with the right partners enable for a unified solution to be truly unique and solve real-world problems. Our software is purposely designed to augment and enhance an organization's network security posture, not to replace or to be a single proprietary solution.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Jeremy StraubNorth Dakota State Universityjeremy.straub@ndsu.eduFargo, NDWe have a current focus in the automation of cybersecurity assessment.   We have focused on the identification of vulnerabilities in internet of things (and similar) devices as well as the Cybersecurity assessment of IT systems and devices.  We have also recently designed systems for automated analysis of IT systems-of-systems and source code.  A particular area of focus for us has been the assessment of systems whose functionality cannot be impacted / impaired by assessment activities.We would be interested in working with organizations that have relevant experience in the medical space that could be directly leveraged towards this proposal.  We would also be interested in working as part of a larger group where we are conducting fundamental / applied research activities and others are working to transition this research to practice / use in hospitals.  We would be open to other teaming arrangements too.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
Chris McCullohSecureHealtharpah732@cmdoms.comNew York, NYAI/ML-based vulnerability testing and analysis, specifically focused on healthcare equipment.Hospital equipment emulation and vulnerability mitigation. We would also be interested in automated remediation development to extend/enhance our in-house capabilities.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Himanshu NeemaVanderbilt Universityhimanshu.neema@vanderbilt.eduNashville, TN1) A model-based heterogeneous simulation integration and experimentation framework that allows hardware, software, and humans, in the loop simulation. It also has generic cyber network simulation, cyber-attack library, and supports scenario-based experimentation.
2) An autonomous cybersecurity agent (reinforcement learning-based) training environment using both simulation and emulation of networks.
3) A risk analysis framework for vulnerability assessment and risk management.		Collaboration with a hospital entity on TA1TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation
Aniruddha GokhaleVanderbilt Universitya.gokhale@vanderbilt.eduNashville, TNCyber Physical Systems, Security and Dependability, Distributed and Networked Systems, Model-driven Engineering, Robust AI/MLComplementing our expertise. Moreover, since we have our local team, this will also depend on other factors like the area we are proposing, etc. For now TA2 is one of the focus.TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Matt IpriMicroStrategymipri@microstrategy.comTysons Corner, VAAdvanced Analytics and AI Solutions, especially around Cyber data and decision making, for Federal AgenciesPartners to complement our out-of-the-box solution features to build a complete vision to deliver UPGRADETA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Karim EldefrawyConfidencial.iokarim.eldefrawy@confidencial.ioMenlo Park, CAAutomated discovery, identification, classification, mapping, and (cryptographic) protection of vulnerable sensitive data. Mostly dealing with unstructured data for now, but can extend our platform to handle structured data and databases.We are looking for a team developing an overall vulnerability mitigation platform that is interested in incorporating the ability to mitigate vulnerabilities of unprotected (sensitive) data. We realize this is not specifically called out in the BAA, but we asked for clarification about this issue/topic and we think it is an area the program may have overlooked.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Daniel VotipkaTufts Universitydaniel.votipka@tufts.eduMedford, MAOur organization's expertise in human factors research focused on security and technology professionals' work.  We have prior and ongoing research working with medical device manufacturers and healthcare providers to understand current security and privacy practices in these networks.  Our research is well-suited for TA1 as we drive the development of evidence-based models for the Whole Hospital-Simulation and operator interaction needs for the Vulnerability Mitigation Platform.Our expertise is more limited in the type of robust software engineering needed to be done to build the software for the Whole Hospital-Simulation and Vulnerability Mitigation Platform, so we are seeking partners who can support that development effort. Also, we are seeking a hospital system to support field research. We plan to conduct research in multiple settings to support generalizability, but a dedicated partner for field work is necessary for initial exploration and field testing.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Michael HoltVirta Laboratories, Inc.michael@virtalabs.comCharlottesville, VAVulnerability and asset management with network discovery.Partners to: (1) leverage our open source inventory tools for HL7/DICOM medical inventory identification, (2) build on top of our security data lake for integration of tools with intuitive user workflow interface, and (3) utilize our threat feed APIs to streamline vulnerability classification based on previous medical device data sets.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Latha KantPeraton Labslkant@peratonlabs.comBasking Ridge, NJPeraton Labs’ CyberVAN testbed is a mature and flexible hybrid simulation/emulation environment that supports the goals of the UPGRADE TA1 VMP. CyberVAN enables creation of high-fidelity digital twins of complex hospital cyber environments. It can interface with physical equipment as well as third-party emulators and vendor software. Our team has extensive experience in red-teaming, cyber decision support, and automated remediation deployment. See https://www.peratonlabs.com/cybervan.html.We are interested in joining a team that is planning to prime TA1 and has substantial experience in working with hospital equipment and IT systems. We are looking for a position as a subcontractor on such a team.TA1: Vulnerability Mitigation Platform
Najaf ShahBoston Consulting Groupshah.najaf@bcg.comWashington, DCBCG helps multiple providers improve and optimize patient care through defining overall strategy and building industry leading secure technology towards this goal. We have a great understanding of the providers environment and the cybersecurity required and are looking for an industry-leading partner in deployed OT/IT cybersecurity technology to push forward the thinking and solutions in protecting healthcare facilities.Any compelling value proposition.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Thomas BaileyRiverside ResearchTBAILEY@RIVERSIDERESEARCH.ORGBeavercreek, OHWe are a DoD non-profit with capabilities in leveraging AI to perform automatic identification and remediation of common vulnerabilities within devices. This core competency drives our solutions on programs such as DARPA AIxCC. Further, Riverside Research possesses a strong portfolio of DoD research experience including DARPA HARDEN, HASH, EBOSS and a wide range of SBIR/STTR contracts.We seek partners with experience in medical devices and underlying medical hardware. We want to leverage our expertise in comprehensive cyber alongside that of experts within the hospital sector to produce a solution that allows for rapid identification and patching of legacy medical devices.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection
Om MahidaMedcryptom@medcrypt.comSeattle, WAVulnerability and exploit detection and automation capabilities. Researching automating patching, upgrades, and remediation workflows.Expertise in the other technical area to create a more complete set of solutions and tools.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Adam CecchettiStaris AIadam@staris.techSeattle, WAStaris is ushering in a new era of application security called AI Hardened Computers. With usage of foundational models, our own custom models, and the Staris platform we’re creating virtual hackers to find, prove, and patch issues. These virtual hackers help organization keep their devices and systems permanently secure.Looking for a teaming parter that has experience with creation of digital twins of equipment in hospital environments.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Travis DenardoRacktop Systemstdenardo@racktopsystems.comFulton, MDAPT, Malware, Ransomware, Insider Threat, Exfiltration, data manipulation detection and prevention.Integrate our cyber storage solution into the larger platform to protect systemsTA3: Automated Vulnerability Detection
Michael SchovelShee Atiká EnterprisesMichael.Schovel@sae-llc.netHuntsville, ALWe have an existing industry team that addresses automated vulnerability detection and suggested mitigation for SW systems, packages, open source inclusion, binaries, and firmware.Companies with niche or low TRL technology that solves a specific government problem. Partners do not need to be government contractors. We are sensitive to protection of IP.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Michael PhillipsSLG INNOVATION, INCmichaelphillips@slginnovation.comChicago, ILCybersecurity use of AI to automatically detect and mitigate threats: protections and maintenance of Healthcare IOT devices.We need to assess the participants to determine possible best-of-breed solutions.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Mehdi Tarrit MirakhorliUniversity of Hawaii; HawksbillMehdi23@hawaii.eduHonolulu, HIIndo-Pacific Cybersecurity Laboratory comprise of security researchers with expertise in manual and automated exploit generation, automated vulnerability analysis, attack surface analysis, and application of AI/ML techniques in vulnerability management.We are interested in teaming in TA3 and TA4. We bring wealth of experience in cognitive human behavior modeling, development of vulnerability detection, proof of exploit generation as well as human subject studies. We are interested in partners bringing gray hat, offensive and defensive experiences.TA3: Automated Vulnerability Detection, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Sanjai RayadurgamUniversity of Minnesotarsanjai@umn.eduMinneapolis, MNThere are multiple faculty members with research interests in modeling and analysis of safety-critical systems, software testing, verification and maintenance, assurance techniques for autonomous systems, program analysis, understanding, transformation and hardening, secure-by-design, information flow, communication security and privacy.Expertise in medical system vulnerabilities, attacks, and mitigations, software supply-chain technologies, patching and update management, medical systems modeling and simulation.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Andrew SurwiloCytex, Inc.drew@cytex.ioFrederick, MDWe have developed the first true AI powered platform that combines cybersecurity, GRC, and ComplianceOps for healthcare providers.    The Cytex Unified Resilience Platform   is the first true AI powered platform that combines cybersecurity, GRC, and ComplianceOps in a single solution providing continuous, automated cybersecurity risk surveillance across digital ecosystems.Hospitals, Hospital systems, Rural healthTA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Brindusa CurcaneanuNeuroPacebcurcaneanu@neuropace.comMountain View, CANeuroPace is a commercial-stage medical device company focused on transforming the lives of people suffering from epilepsy by reducing or eliminating the occurrence of debilitating seizures. Its novel and differentiated RNS® System is the first and only commercially available, brain-responsive platform that delivers personalized, real-time treatment at the seizure source. Our company is currently also looking into solutions for automating SW/FW vulnerability detection/remediation/patchingBrainstorm for solutions that can allow for FOTA and automating security patches.TA4: Automated Remediation Development
Julia KomissarchikGlendor, Incjulia@glendor.comDraper, UTWe at Glendor are on a quest to safeguard patients’ privacy by de-identifying Protected Health Information (PHI) automatically and at source.
Fully Automatic (unlike templates-based solutions that require customization and tweaking)
At Source (on site, behind customer firewall)
Easy to Integrate and Use (1 min to install and run)

Multiple Modalities Multiple Formats:
Medical Images (pixels and metadata)
PDFs and Documents
Videos and Photographs
Voice Recordings and Other Medical Data		Medical data is storage intensive, especially radiology imaging (MRIs, CT Scans, PET, ...)  and pathology imaging. By separating deidentified medical data from PHI (protected health information), it is possible to store them separately. By separating sensitive information from the rest, it is possible to apply different levels of security, thus reducing the risk of data vulnerability and expense of data protection.TA1: Vulnerability Mitigation Platform
Adron PorterGWU-MFAaporter@mfa.gwu.eduWashington, DCOur focus is overarching, targeting comprehensive remediation and advancement of the next generation of healthcare secure automated architecture with the ability for administrative validation.Technology based SMEs to provide insights on effective solutions to support secure architecture.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA3: Automated Vulnerability Detection
Russell SchaeferBCGschaefer.russell@bcg.comWashington DC, DCSignificant provider experience, understanding of their environment, and the cybersecurity challenges involved with securing it. We do a lot of work around overall cybersecurity for providers and systems, working across their strategy and implemntation.BCG helps multiple providers improve and optimize patient care through defining overall strategy and building industry leading secure technology towards this goal. We have a great understanding of the providers environment and the cybersecurity required and are looking for an industry-leading partner in deployed OT/IT cybersecurity technology to push forward the thinking and solutions in protecting healthcare facilities.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
James RehgUniversity of Illinois Urbana-Champaignjrehg@illinois.eduUrbana-Champaign, ILCode generation using LLMs for emulation and simulationExpertise and track record in cybersecurity for medical devicesTA2: Hospital Equipment Emulation
Michael SheppardCommand Center Inc.msheppard@command-center.ioOrlando, FLOur organization has developed a semi-autonomous cybersecurity solution that enables our customers to identify, detect, remediate, prevent vulnerabilities in equipment, infrastructure and applications as well as protect production assets, improve cybersecurity resiliency and enforce HIPPA compliance plus more.We are looking to team with Healthcare and Hospital equipment vendors and researchers to understand what equipment and applications plus infrastructure we would need to provide support for with our Semi-Autonomous Cybersecurity platform.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Ken ZalevskyVigilant Ops, Inc.ken.zalevsky@vigilant-ops.comPittsburgh, PAVigilant Ops is a thought leader in healthcare cybersecurity and has been actively working with FDA and others to advance hospital cybersecurity through automated lifecycle management of the software bill of materials (SBOM). Our platform solution automatically and continuously detects vulnerabilities using machine learning and patent-pending matching algorithms, and we continue to explore innovative research areas including advanced threat analysis and automated vulnerability remediation.As medical technology experts, we understand the unique cybersecurity challenges in healthcare and seek to partner with others to leverage our expertise. While we do not envision ourselves as the primary performer in this initiative, we are eager to contribute our specialized knowledge and technological solutions as a valuable team member.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
Pawan KohliBinary Bluepawan.kohli@binaryblue.comGaithersburg, MDHealthcare AI Consulting
Security for Health Systems
ETL for Security		Looking for partners with skills and relationships to help build, maintain, monitor Security at Hospitals at scale.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Stephanie SoGeeqstephanie@stephanieso.ioBrentwood, TNGeeq's proprietary blockchains provide secure access controls for HIS. They simplify vulnerability detection, monitoring, and remediation by providing data for (1) authorized access to inappropriate requests and (2) denied access to appropriate requests, auditable on-chain in real-time. Encrypted copies of data are directed to virtual, on-demand clean rooms, conforming with zero-trust security principles. The solution scales to include remote locations, registered devices, and other endpoints.Geeq has secure, decentralized infrastructure built as a back-end for customized apps. Permissioned blockchains are accessible through APIs. We have successfully completed a pilot with a global supply chain middleware company. In this application, we would team with health care app developers for work on the front-end, compliant APIs, and medical IoT.  We would need input from pilot partners, health cybersecurity experts, and health care champions.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Nathan TatumApplied Research Associatesntatum@ara.comRaleigh, NCAt ARA, we developed the Cyber Operations Lethality Effectiveness (COLE) simulation and testing tool to model cyber-physical systems, functional effects, and operational impact of vulnerabilities. We additionally have focus areas centered around biological data and plan to use this expertise to expand our cyber security modeling capabilities to better understand what data sources are being sought in healthcare systems and how to better protect them.Expertise in healthcare system operations and patient care. Expertise in vulnerability remediation and assurance techniques.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Jill OlmsteadAccenturejill.olmstead@afs.comWashington, DCAccenture has invested $3B in AI, to include R&D. We are considering ways to use AI to improve cyber security.Novel capabilitiesTA3: Automated Vulnerability Detection
Philip ShenMSKCCshenp@mskcc.orgNew York, NYMedical Device SecurityMedical Device SecurityTA2: Hospital Equipment Emulation
José MenaDigital Twins Networkjmena@digitaltwinsnetwork.comSan Ramon, CAactiveSentinel™ creates high-fidelity digital twins for hospital equipment (Technical Area 2). Our AI and ML enhance vulnerability mitigation (Technical Area 1) and enable rapid detection and defense against software vulnerabilities (Technical Areas 3 and 4). With Deep Learning and Neural Networking, we ensure sophisticated vulnerability resolution. In production with DHS for five years, our research demonstrates its robust capabilities in safeguarding critical infrastructure.RemediationTA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Silvija Kokalj-FilipovicRowan Universitykokaljfilipovic@rowan.eduGlassboro, NJWe have multiple faculty working in the wide area of cyber-security, and additionally on the AI for signals and systems and outlier detection. We will  help with data analytics and vulnerability detection, as well as with the system implementation. The team members have been funded by NSF, DARPA and ONR, never by ARPA-H.  Rowan has Cooper Medical School, Rowan-Virtua School of Osteopathic medicine and the only School of Veterinary Medicine in NJ, so we can work with our hospitals and clinicians.We would like to team up with someone who has the experience building a hospital cyber-security digital twin.TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection
Jason WilliamsCromulence LLCjason.williams@cromulence.comMelbourne, FLVulnerability Research, Machine Learning and Automation, Digital Twin DevelopmentInterested in teams with experience with medical devices and device infrastructure / academic institutionsTA2: Hospital Equipment Emulation
Eric SmithKestrel Instituteewsmith@kestrel.eduPalo Alto, CAsoftware analysis, synthesis, and transformation, cybersecurity, formal methodsdomain expertise in health IT systems and medical device softwareTA4: Automated Remediation Development, TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform
Jeff PerkinsAarno Labs LLCjhp@aarno-labs.comCambridge, MAAarno labs has extensive expertise in applying static and dynamic program analysis to find and patch program vulnerabilities and to uncover malicious behaviors. More specifically, we have deep expertise in mobile malware analysis, automatic bug finding, automatic program repair, automatic exploit generation, manual exploit generation, precise whole-program static analysis, low-overhead dynamic code instrumentation, program verification, and machine learning.We are looking for partners who are addressing TA1 and TA2.  We are interested in submitting integrated proposals that address the entire project. We are also interested in preliminary discussions of how our tools would integrate with TA1/TA2 performers for separate submissions. We are also interested in teams with expert hackers that we can work with to develop TA3 tools.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Camila Casas camachoT-Mobile for Governmentcamila.casascamacho1@t-mobile.comWashington, DCT-Mobile's research focuses on 5G's security innovations like end-to-end encryption and advanced authentication. In healthcare, we partner with Nebulosity Cloud, utilizing their activeSENTINEL platform to create high fidelity digital twins for hospital equipment, enhancing vulnerability mitigation and rapid detection. With AI and ML, we ensure secure patient data transmission, real-time defense, and HIPAA compliance, trusted by DHS for five years, we safeguard critical infrastructure.Mitigation and RemediationTA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform
Reza FatahiObjectSecurityreza@objectsecurity.comSan Diego, CAAt ObjectSecurity, our primary research areas are based on advancements to lifting and automated binary analysis for the detection of zero-day vulnerabilities.Potential teaming partners should be manual reverse engineering and mitigation firms and personnel who can beta test our mitigation strategies for iterative feedback and fine tuning. Additionally, manufacturers and vendors in hospital equipment hardware or emulators for benchmarking, sampling, and potential integration.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Lin TanPurdue Universitylintan@purdue.eduWest Lafayette, INOur team’s expertise includes vulnerability detection, mitigation, and fixing, cybersecurity, software security, security-AI synergy, large language models, human-computer interaction, and software text analytics. Our team has extensive experience with many DARPA programs, ONR programs, and programs with other funding agencies.We are looking for expertise in TA1 Vulnerability Mitigation Platform (VMP), Whole-Hospital-Simulation (WHS), and TA2 Hospital Equipment Emulation.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection
Karlin McNeillPersistent Technology Inc.kmcneill@perstechinc.comAlexandria, VAOur research focuses on creating an automated Vulnerability Mitigation Platform within ServiceNow (SNOW) to enhance cybersecurity resilience in hospitals. Using SNOW's inventory management, automated response, change control, workflow automation, compliance tracking and analytics, we aim to enable proactive, scalable security updates, ensuring patient care continuity while mitigating cyber threats.We seek teaming partners with deep cybersecurity expertise, specifically in healthcare, with ServiceNow experience.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Mark GriffinUndaunted Development LLCmark@undaunted.devArlington, VAUndaunted development combines deep experience in vulnerability research with the ability to communicate complex topics through custom visualizations.We're looking for partners who need extra expertise in using interactive visuals or diagrams to effectively communicate about complex topics.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Kevin ChristopherQuantiscope PBCkevin@imaging.bioSalt Lake City, UTWe are a public benefit corporation launched from the Broad Institute of Harvard/MIT to enable broad use of AI-driven phenotyping technology for drug discovery and biomanufacturing applications. Our platform is suitable for high-content image analysis of fluorescent and brightfield images, and we are innovating in subcellular analysis with applications such as quality control of nanoparticle vaccines and gene therapies.We are looking for beta testers of our initial technology platform for screening of large drug libraries and/or archived images of biological assays. We are further looking for innovation partners to move our core technology of high-content imaging quantification into new application areas.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Kevin SnowZeropointkevin@zeropointdynamics.comChapel Hill, NCOur focus is leveraging binary/source code analysis -- both static and dynamic/emulation techniques -- to extract semantic understandings of entities under analysis. We've applied these to vulnerability detection, expedited attack analysis/development, automatic CVE descriptions, revealing indicators of compromise in malware, decomposing software components and libraries, and more. We believe this research will prove crucial to modeling the "hacker" aspect of TA3.Our skillset is primarily the rapid prototyping of binary and source code analysis in a security-oriented, semantic, context. We're looking to team with an organization(s) that compliment this skillset. Collaboration with a TA2 team is crucial to integrate and add specificity to the tools and prototypes we have in mind for TA3, but also our skillset would strongly complement other TA3/4 proposals by providing a plethora of concrete and unique model inputs/features.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Yuan TianUCLAyuant@ucla.eduLos Angeles, CAOur research focuses on automatic vulnerability detection and patching (with program analysis, program synthesis, and machine learning), in particular in embedded systems. We also have experiences with digital twins for cyber-physical systems.We are looking for partners with hospital IT experiences.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Brian FrederickGuidePoint Securitybrian.frederick@guidepointsecurity.comHerndon, VAGuidePoint Security provides cybersecurity solutions and services that help organizations make better decisions. Our holistic approach enables organizations to identify threats, optimize resources, and integrate solutions that mitigate risk.  https://www.guidepointsecurity.com/Strategic partners and OEMs who need Cybersecurity expertiseTA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Chad ChasserOptiv + ClearSharkchad.chasser@optivclearshark.comHanover, MDCybersecurity Federal System IntegratorWe complement small & large businesses with deep cybersecurity SME’s, security products and services.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Vasudevan NagendraSekyurity AIvnagendra@cs.stonybrook.eduRound Hill, VAWe are building AI-enabled Virtual assistants and digital twins that helps cloud and enterprise networks to secure their networks.Partners who could compliment us with their expertise in the areas of Vulnerability mitigation Platform and Automation remediation development. In addition, partners with exposure to health care infrastructure exposure and data are good to have.TA3: Automated Vulnerability Detection
Mark McCourtViakoo, Inc.mark.mccourt@viakoo.comMountain View, CA, CAThe Viakoo Action Platform manages all firmware updates, “zero-trust” certificate provisioning and management, and password enforcement. And Viakoo not only remediates IoT device vulnerabilities but enables them to rejoin the corporate network as full contributing citizens. We are researching an open (headless) solution and an AI module to speed response and remediation.After a healthcare facility identifies what IoT devices are on its network, the question is "Now what do we do about it?" Viakoo answers that question and solves the remediation issues at scale. We are seeking partners in the asset and SBOM discovery, vulnerability assessment and data engine space.TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Sidra ShaikhBioPharma360info@biopharma360.comMcLean, VABioPharma360 is a life science services and solutions company with over 35 years of industry experience. Our team is comprised of experts in multiple areas such as: Clinical Studies, Data Management, and Technology Solutions. We are equipped to provide the project support team to assist with the planning, testing, execution, and management of the UPGRADE program.We are looking to support partners who have the capabilities to develop the technology and solutions to execute the goals of the UPGRADE program by providing our team of project management experts.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Silvija Kokalj-FilipovicRowan Universitykokaljfilipovic@rowan.eduGlassboro, NJThere are multiple faculty members with research  in AI-based modeling and analysis of cyber-physical systems/ signals and block chain.Hospital IT and equipment maintainers and cyber-testbed developersTA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection
Kevin FuNortheastern Universitykf@kevinfu.comBoston, MAMedical device security.   https://spqrlab1.github.io/publications.html https://spqrlab1.github.io/papers/icd-study.pdf https://spqrlab1.github.io/papers/hanna-aed-healthsec11.pdf https://spqrlab1.github.io/papers/clark-healthtech13.pdf and https://www.csl.sri.com/users/neumann/cacm231.pdf https://spqrlab1.github.io/papers/fu-trustworthy-medical-device-software-IOM11.pdf https://www.modernhealthcare.com/article/20160914/NEWS/160919950/commentary-hospitals-need-better-cybersecurity-not-more-fearPartners that complement our architectural and design strengths and publication history in engineering, clinical workflow, and regulatory affairs for medical device security.  Partners are sought that can add value to our already committed hospital networks (both our rural and large HDOs) via the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform
Matthew HarmonForAllSecuremharmon@forallsecure.comPittsburg, PAForAllSecure's Mayhem platform automates the detection of exploits and zero day vulnerabilities of binary applications and APIs as well as provides advanced SBOM/SCA analysis/scanning. Our platform ensures zero false positives and valuable reproduction and remediation information for developers to prioritize and resolve exploits.Mayhem solves one piece of the puzzle by automating exploit detection. A successful partner would leverage our platform to solve additional parts of the UPGRADE programs technical requirements.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Lee RosseySimSpacelee@simspace.comBoston, MASimSpace provides the highest fidelity cyber range (digital twin) to support the development and testing of cybersecurity solutions 

Capabilities include
- Tailored, high-fidelity environments
- Intelligent, host-based user emulation 
- Sophisticated, automated APT attack scenarios
- Network environments like hospitals with IT and OT systems (medical devices)
- Rapid data ingestion from production environments 
- Automated scoring and analytics of cybersecurity tool performance		We are looking to join a team that will prime TA1 and TA2.  We will host the simulated hospital network(s) that are built based on production data (digital twin), assisting with ingestion of production data, modeling user behaviors, run sophisticated attacks and support the testing of the candidate solutions. Ideally, our simulated network will integrate with organizations that emulate OT technology and deploy patching.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation
Robert RidleyOSF Healthcare Systemsrobert.t.ridley@osfhealthcare.orgPeoria, ILOSF, a large nonprofit healthcare organization, is dedicated to advancing a zero-trust platform while providing exceptional clinical services and outstanding patient care. In addition, we offer healthcare cybersecurity expertise, consulting, and technical implementations to outside hospitals through a for-profit arm.We are looking to partner with technology companies to evaluate, pilot, and implement security tools, technologies and processes to help advance cybersecurity in our environment. Our goal is to ensure the highest level of security and protection for our patients and partners. We are committed to delivering the best in healthcare cybersecurity.TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Greg GoodallCalyptix Securitygreg.goodall@calyptix.comCharolette, NCCalyptix specializes in advanced, easy to use network security solutions for small and mid-sized businesses .   Calyptix is a 17-yr old company with 300 MSP partners and thousands of users.  Calyptix' flagship product is AccessEnforcer, a UTM Firewall that protects your you network from cyberattacks, malware, spam and includes VPN, web filtering, bandwidth management and reporting. We back it up with a  award winning, US based support team.Those that would be interested in a sub that may integrate to your solutions and provide value add.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Reuben CummingsNerevu Grouprcummings@nerevu.comPeoria, ILNerevu's research is centered on data and API security, process automation, and system integration. We leverage predictive analytics, agentic AI systems, and real-time interactive visualizations to accomplish these research goals. Our experience building and securing cloud IT infrastructure for healthcare organizations gives us unique insight into the challenges they face.We seek teaming partners with robust TA2 and TA4 capabilities who need support in TA3 and TA1 areas. Our goal is to augment the teams' skill-set so we can collaboratively provide a comprehensive solution.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Eric GoodeTausighteric.goode@tausight.comBoston, MATausight has developed AI technology that can find and secure PHI (Protected Health Information) faster and more accurately than existing DLP solutions.  Tausight's AI is trained using a patented algorithm to find PHI on devices, data stores and cloud assets.  The result is powerful insights on how the PHI is being accessed, where its traveling and how it might be at risk.Tausight is looking to team with experts in TA1 and TA2 as we provide a comprehensive solution for TA3 & TA4.  We're also interested teaming with tech and cloud partners to cast an even wider net in workflow coverage.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Aaron WeismannMain Line Healthweismanna@mlhs.orgBryn Mawr, PAOur current area of research focus is development of a simulation environment based on internal needs. We're a five hospital system with multiple ambulatory sites and approximately 130 clinical practices. Our plan is to implement both a digital twin environment for predictive modeling with detection and mitigation capabilities to drive ZTNA and provide intelligent monitoring and management of threats. This would be accomplished by training an AI model on the existing threat landscape.We're looking for a partner that can supplement our work effort with the foundation for our AI model, device digital twins, and then the handoff to actual automated remediation.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Peggy WuRTX Research Centerpeggy.wu@rtx.comEast Hartford, CTCognitive Science, Data Analytics, Behavioral Analytics, CybersecurityHealthcare SMETA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Brian FrederickGuidePoint Securitybrian.frederick@guidepointsecurity.comHerndon, VAGuidePoint Security provides cybersecurity solutions and services that help organizations make better decisions. Our holistic approach enables organizations to identify threats, optimize resources, and integrate solutions that mitigate risk.  https://www.guidepointsecurity.com/OEM/Solutions providers with applicable technologies and strategic services partners that can augment our team as our sole focus is CyberSecurity solutions and services.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Lovina McMurchykry10 Corporationlovina@kry10.comSeattle, WAKry10 offers a secure operating system, app isolation and communication pathways for connected devices. Our OS can either be embedded into new medical devices or installed on a gateway appliance sitting in front of legacy devices. Our solution is based around seL4, a mathematically proven micro-kernel which can eliminate up to 98% of all critical vulnerabilities. We provide extensive developer tooling and also a secure update service.We are looking for TA1 and TA4 partners as we are an enabling technology in both of these areas. We provide isolation around medical devices which prevents any attacks from laterally migrating from the device into the network or vice versa. Our tools allow freedom of interference analysis to show what parts of a system may be compromised and to reduce this surface area. For TA4 our update service can deliver the vulnerability mitigations showing that code was delivered without interference.TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Hahna LatonickDark Wolf Solutionshahna.latonick@darkwolfsolutions.comHerndon, VADark Wolf Solutions, founded in 2013, blends cutting-edge technology with deep federal domain expertise. We excel in penetration testing, red teaming, security research, RMF, AI/ML, cloud solutions, Agile development, and DevSecOps. Partnering with DoD software factories,  innovation centers like DIU, and industry leaders like Google, we stay at the forefront of modernization and cybersecurity. For UPGRADE, we offer capabilities for automated vulnerability detection and remediation development.Dark Wolf Solutions is looking for partners with proven experience and capabilities to complement our expertise in automated vulnerability detection and remediation. We are also seeking partners with experience in the healthcare industry, including hospital environments and medical device manufacturing, system operations, security, and maintenance.TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection
Adam BiddleVA Visn 23adam.biddle@va.govMinneapolis, MNWe are looking to implement configuration management as well as cybersecurity vulnerability management with one solution for Visn 23.We are looking for software developers who can unite commercial off the shelf software into a cohesive single pane of glass to allow include all skill levels of biomedical engineering information system management.TA1: Vulnerability Mitigation Platform
Kevin BilzerZetierkevin.bilzer@zetier.comArlington, VAFull spectrum cybersecurity capabilities, consulting, and services to meet the unique requirements of modern computer network operations. Focuses in development, emulation, reverse engineering, and vulnerability research on all major operating systems and architectures with deep investments in embedded, mobile, industrial control, command & control, telecommunications, and weapon systems.Medical device manufacturers with interest in assisting in helping create digital twins of relevant devices.TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform
Mark McCourtViakoo, Inc.mark.mccourt@viakoo.comMountain View, CA, CAAutomated firmware patching, password policy enforcement, and certificate management of IoT and OT devices, at scale.Viakoo's remediation platform addresses key T4 requirements for UPGRADE. Viakoo is seeking teaming partners for T1, T2, and T3.TA4: Automated Remediation Development
Katherine ThompsonCyber Future Foundationkthompson@cyberfuturefoundation.orgDallas, TXSince 2016, Cyber Future Foundation has been actively engaged in bringing together a cross-section of global leaders in both industry, government and academia to look at collaborative ways to address the growing risks facing healthcare leaders when it comes to the protection of infrastructure and patient safety.In our partnership with Health ISAC, we are able to leverage our collective relationships with both industry and government. We welcome inquiries from those interested in supporting the development and delivery of research related to the goals and technical requirements of UPGRADE.TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Ryan TorvikTulip Tree Technologytorvik@tuliptreetech.comMelbourne, FLDigital twins to enable better design, development, verification, and vulnerability identification and remediation of embedded medical devices. Under the DIGIHEALS contract, we are creating a baseline of cost for medical device manufactures to create high fidelity digital twins of medical equipment.We are looking for partners that are want to integrate their existing tool sets with the future of high fidelity full-system emulation.TA2: Hospital Equipment Emulation
Simone SassoliVirsec Systems Incssassoli@virsec.comSan Jose, CAOn visibility and protection of servers against zero day attacks, and minimizing patching.   Also, includes visibility and protection for Legacy calls.  Helps where EDRs don't.For an organization that is missing this capability.TA1: Vulnerability Mitigation Platform
John Eubank10x National Securityjohn@10xnatsec.comLeesburg, VADevelopment of cyber security for the next generation of internet connected devices and new data processing architectures.We are looking for teammates with healthcare device experience.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Dick BrooksBusiness Cyber Guardian (BCG)dick@businesscyberguardian.comWestfield, MEBusiness Cyber Guardian works closely with DHS CISA on the development and implementation of "Secure By Design" principles and implementation steps defined in CISAs Secure Software Assurance Buyers Guide to ensure proper application of OMB requirements for vendors seeking to sell products to US Government entities that must acquire "secure software" products following regulations.Entities that are seeking US Government approval required for procurement "software risk assessments" to verify that products are properly applying US Government Supply Chain Risk Management expectations defined by CISAs Secure By Design, the CISA Secure Software Attestation Form and CISAs Secure Software Assurance Buyers Guide, pursuant to OMB procurement requirements.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Michael LinkSturdy Healthmlink@sturdyhealth.orgAttleboro, MAWe are a 132 bed independent community hospital.We would like to be involved in improving cybersecurity in community hospitals with limited resources.TA1: Vulnerability Mitigation Platform
Ning ZhangWashington University in St. Louiszhang.ning@wustl.eduSt. Louis, MOOur research focuses on ensuring cyber-physical systems' safety and resiliency (medical systems in particular). Our past works include automatic vulnerability discovery and mitigation, real-time cyber-physical systems software security (control flow/data flow assurance),  medical system security (tissue engineering and medical device security), and medical IoT and AI (with the newly established institute on AIHealth). BJC (WashU) has a network of 28 Midwest hospitals.We are looking for teams to work together to develop practical solutions that can be deployed in the clinical environment.TA2: Hospital Equipment Emulation, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Pelumi OlatinpoAlphaHillpelumi@alphahill.comGaithersburg, MDRevolutionary AI-driven vulnerability detection system for healthcare environments.Operational hospital or healthcare facility open to leveraging avant-garde technology to drastically improve patient outcomes.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform
Karen KimbroVerizonkaren.kimbro@verizon.comAshburn, VAVerizon has the most secure global network,  we have implemented innovations in networking and a great deal of that is in the area  of cyber security.  We produce the annual data breach information report and a team of seasoned experts and experience in digital hospital and IoT to bring to the team.We would be looking to join a team and provide network resiliency and cyber security services (advisory, design, implementation) in hospital settings.TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA2: Hospital Equipment Emulation, TA4: Automated Remediation Development
Chase MillionMillion Conceptschase@millionconcepts.comLouisville, KYMillion Concepts builds bespoke software solutions for scientific domain experts to fully leverage their data at scale. Much of our work is in support of NASA missions and scientists. We are experts at data and device archaeology, e.g. developing an understanding of the working of hardware to which we no longer have access from scant documentation and software / data artifacts --- but those instruments are in orbit around Mars rather than sitting in an operating room.We're interested in contributing our expertise understanding legacy hardware / software systems and / or building workable software solutions for domain experts, including decision-makers. Ideal partners would likely have SME in healthcare technology or digital security. Our company is fully remote within CONUS.TA2: Hospital Equipment Emulation, TA4: Automated Remediation Development, TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection
Leonard MarquezSomerset Recon Inc.leonard@somersetrecon.comSan Diego, CADigital twin technologies are available for Windows & Linux systems, but medical devices differ as they often interact with hardware peripherals & use embedded operating systems. Accurately replicating a medical device requires a deep understanding of its hardware, firmware, & remote systems. Our approach leverages virtualization, containers, & includes automated hardware & firmware analysis, along w/ support for a Hardware Abstraction Layer (HAL) enabling vulnerability detection.We are looking for teaming partners with expertise in device emulation, firmware extraction, and hardware analysis. Our approach involves gathering information through methods like automated imaging, PCB delayering, and schematic reconstruction. We aim to apply virtualization to replicate runtime conditions. The key challenge is developing a solution that integrates seamlessly into hospital environments and dynamically creates new profiles for devices as they connect to the network.TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Serena BrysonPhoenix Dwelling Consulting Solutions, LLCserenabryson@phoenixdwelling.comWashington, DCInformation Security Program Management including vulnerability management, asset management, risk management, attack surface management, threat modeling.Looking for partners with medical device experience.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development
Eric BasuHaiku, Inceric@haikuinc.ioHenderson, NVVisualization using game engine technologyPartners looking for the capability to visualize capabilities for modeling and simulationTA2: Hospital Equipment Emulation, TA3: Automated Vulnerability Detection, TA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development
Ross OsbornePhase IIross.osborne@p2sc.netQuantico, VACybersecurity, Identity and Access Controls, Real-time Network and System Health and Hygiene (Awareness)We are seeking Upgrade primes open to looking at an innovative, in-use solution that is revolutionary in its approach to protecting our critical infrastructure.TA1: Vulnerability Mitigation Platform, TA3: Automated Vulnerability Detection, TA4: Automated Remediation Development, TA2: Hospital Equipment Emulation
Ryan ChowMetalware, Inc.ryan@metalware.ioSan Francisco, CAMetalware is an automated vulnerability detection platform for firmware. Our proprietary fuzzing engine emulates embedded devices to find deep vulnerabilities that go undetected by existing SAST/DAST tools. The engine performs automatic failure injection and provides human readable crash reports (including full trace and input vectors) that are easily explored using our Timeless Debugger. We've achieved state of the art performance in terms of coverage / speed.We're seeking partners with cybersecurity experience in healthcare, hospital environments, and medical devices.TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation, TA4: Automated Remediation Development
C Thomas (Tom) SavellGCASctsavell@gcas.netSan Marcos, CAGCAS is a cutting-edge technology services and products company with over 43 years of experience. We have developed government & commercial applications in modeling, simulation and analysis utilizing Data Analytics and Artificial Intelligence (AI) techniques with emphasis on reasoning under uncertainty, including the design and development of the Cyber Attack Forecasting System (CAFS) used to predict a cyberthreat’s future maneuvers in compromised networks using an approach appropriate for TA3.GCAS intends to submit a BIT Module proposal for TA3. We are looking for collaboration partners to help in the development effort. Specifically, we are looking for partners with expertise/skill in two separate areas: 1) hospital instrumentation expertise, and 2) skill in parallel processing programming on GPUs in Native Java and/or Python. We would also be interested in becoming a subcontractor in a larger team of collaborators. Contract Tom Savell at 442-888-2820 ASAP.TA3: Automated Vulnerability Detection, TA2: Hospital Equipment Emulation
Chris UssermanInfobloxcusserman@infobloxfederal.comSanta Clara, CAthreat and malware prevention, detection and response; DNS security (protective DNS, encrypted DNS, DDoS protection, etc.); DNS telemetry and threat hunting; DNS-based SecOps monitoring, detection and response that support hybrid and multi-cloud environment; unified DNS & DHCP management and asset visibility across multiple platforms (cloud, multi-cloud, virtual, bare-metal), automation and orchestration across the ecosystem.We are looking for platform providers and prime contractors/integrators who need DNS-based cybersecurity capability to detect and stop cyberattacks before they occur using DNS telemetry data, prevent connections to malicious internet destinations earilier in the attack sequence, and to speed up detection and response using DHCP and IPAM data for network attribution and full asset visibility across hybrid and multi-cloud environmentTA1: Vulnerability Mitigation Platform, TA4: Automated Remediation Development, TA3: Automated Vulnerability Detection