Skip to main content

Contracts

Team with IntelliGenesis 

Contact Us

IntelliGenesis supports numerous active contracts across a wide variety of DoD and commercial customers. For details on some of our federal contracts and information on how to acquire our products, services and expertise, check out the descriptions below.

Government/Commercial

Vehicles

AI Talent 2.0 Basic Ordering Agreement (BOA) 

Period of Performance:  6 MAY 2023 – 5 MAY 2028 
Contract Number: W519TC-23-G-0024 

Read More

The AI Talent 2.0 contract vehicle is focused on strengthening and integrating data, artificial intelligence, and digital solutions across the DoD by building a strong foundation for data, analytic, and AI-enabled capabilities to be developed and fielded at scale. Part of this foundation is ensuring the DoD has the necessary people, platforms, and processes needed to continuously provide business leaders and warfighters with agile solutions. The BOA is decentralized and open to all DoD agencies and may be awarded from by utilizing a local contracting office or by contacting Army Contracting Command – _Rock Island (ACC-RI) for acquisition support if no contracting office exists. Contracting Offices shall utilize the AI Talent 2.0 Ordering Guide for the preparation, solicitation, evaluation, and award of task orders. 

DoD Defense Cyber Crime Center (DC3) Enhanced Cyber Defense Sensor Program

Period of Performance: 15 SEP 2023 – 14 SEP 2028
Contract Number: xxxxxxxxx0008

Read More

In response to persistent and increasingly sophisticated malicious cyberspace campaigns that aim to compromise critical defense information residing on Defense Industrial Base (DIB) networks, the DC3 contract vehicle was established to defend the DIB from cyber adversaries that aim to compromise defense information and threaten national security interests. Under DC3, IntelliGenesis develops comprehensive solutions for cyber defense composed of physical and virtualized network sensors that utilize a combination of machine learning/artificial intelligence, advanced analytics as well as rule-based, signature-based, heuristics-based, and behavioral-based detection to detect suspicious activities on DIB networks. Our solutions are scalable and tailored to meet the needs of each participating DIB partner, whether a small company with limited IT resources or a mid-size company with a mature framework for cyber defense.

Ordering available through DC3’s DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) website (https://www.dc3.mil/).

Email: dc3.dcise@us.af.mil.

Phone: 410-981-0104.

GSA Multiple Award Schedule (MAS)

Period of Performance: 16 AUG 2016 – 15 AUG 2036 
Contract Number: GS-35F-460DA

Read More

The GSA MAS contract vehicle consolidates 24 previous GSA Schedule contracts and over 900 Special Item Numbers (SIN) into a single contract vehicle with better defined service areas. GSA MAS provides customers an intuitive platform to find Contractors with the products and services they need for mission-critical operations. Click here to view IntelliGenesis’ current Pricelist for SINs: 

  • 54151HACS – Highly Adaptive Cybersecurity Services 
  • 54151S – Information Technology Professional Services 
  • 611420 – Information Technology Training  

We also offer a range of cybersecurity training programs for classes of any size: 

  • Security Onion Basic Course 
  • Security Onion 2: Fundamentals for Analysts & Admins 
  • Security Onion 2: Detection Engineering and Analysis In-Depth 
  • Basic Malware Analysis 
  • Introduction to Python 
  • Cyber Threat Intelligence Tradecraft 
  • Applied Data Science for Cyber Operations 

    GSA MAS Past Performance
    Directorate of Intelligence (J2) Intelligence Operation Support

    Period of Performance: 30 SEPT 2018-29 SEPT 2022 (original contract) / 30 SEPT 2022-29 SEPT 2027 (recompete)
    Contract Number: #HC102818F1665 (original contract) / #HC102822F1177 (recompete)

    IntelliGenesis’ J2 contract plans, coordinates, integrates, and synchronizes full spectrum analysis and production of all-source intelligence to support JFHQ-DODIN’s ability to direct the operation of defense of the DODIN. Our J2 Intelligence Operation Support contract provides defensive cybersecurity operations services including intelligence analysis, threat attribution and response, and cyber forensic examination (cyber defense technical analysis). Our analysts monitor overall security of the DoD information network to include providing Indicators of Compromise (IOC) and potential threat adversary activity; provide analysis of Information Assurance/ Computer Network Defense activities on DoD systems and make recommendations for JFHQ-DODIN defensive actions to protect the DODIN.

    • Differentiators:
      • Cross Functional Teams (CFT): Newly created CFTs have improved the management of nation-state threat actor activities and overall defensive posture across the DODIN
      • Cyber Plans, Training, and Exercises: IntelliGenesis’ exercise planners perform multiple functions like synthesizing inter-agency training objectives into Joint Master Scenario Event Lists that help the JFHQ-DODIN deliver complex cyber exercises and increase operator readiness.

    SBIR/STTR

    KrakenAI

    SBIR Topic: Open Call for Innovative Defense-Related Dual-Purpose Technologies/Solutions with a Clear Air Force Stakeholder Need
    Internal Project Name: KrakenAI
    Dates of Contract: 15 MAY 2024 – 30 AUGUST 2024
    Contract Number: ********P0910

    Read More

    Current Generative AI (GAI) models face significant challenges when adapted and applied in DoD contexts, including the inability to access proprietary or classified data, reliance on pre-existing training data that may be outdated or unreliable, a lack of scalability, and inherent model bias. These models also often require substantial computational resources to function effectively, which limits their deployment in edge-computing scenarios where power and processing capabilities are constrained. KrakenAI is a groundbreaking Large Language Model (LLM) and conversational AI solution specifically designed to support cybersecurity analysts, particularly those operating in remote, bandwidth-limited regions. Through a Question & Answer and summarization-optimized LLM, KrakenAI uniquely addresses the dual needs of keeping analysts updated on evolving threat patterns and vulnerabilities while providing decision-making support to aid in defense and mitigation responses. Built on a sophisticated 70-billion parameter model, KrakenAI leverages layered model training which combines relevant cybersecurity datasets from Open-Source Intelligence (OSINT), Publicly Available Information (PAI), and classified sources to create highly specialized models, understand complex queries, and provide accurate responses, even without continuous internet access. These models are finely tuned to mission-critical requirements, ensuring that KrakenAI remains agile and capable of delivering real-time, actionable insights. In the cybersecurity domain, KrakenAI leverages datasets such as the MITRE ATT&CK framework, which enhances its predictive capabilities for identifying and mitigating evolving threats. By staying current with adversarial tactics, techniques, and procedures, KrakenAI ensures it is always contextually relevant for national security purposes. Its domain-specific adaptability means KrakenAI evolves alongside adversarial advancements, offering a future-proof solution to rapidly changing security challenges.

    Technologies

    • Advanced Text Generation Techniques: Enhanced result diversity and relevance with a focus on providing cognitive support to amplify analysts’ decision-making capabilities
    • Retrieval Augmented Generation (RAG) and Specialized Fine-Tuning for the Cybersecurity domain: Incorporates diverse datasets spanning general AI, cyber analyst insights, threat intelligence feeds, MITRE ATT&CK framework, and others to ensure dynamic, accurate, and contextually-relevant cybersecurity responses
    • Distributed Computing: Resource optimization provides enhanced application speed, efficiency, and cost-effectiveness
    • Session Management: Secure, persistent session management, allowing for personalized user experiences and consistent data storage
    • Data Persistence and Caching: Essential datasets cached locally to boost application speed, enable real-time insights even without connectivity, and provide the groundwork for user-driven question analytics

    Differentiators

    • Security and Resiliency: Incorporation of only trusted data sources, eliminating the risk of next-generation data poisoning events; user data is processed locally, ensuring sensitive or proprietary data is not exposed to third parties, leading to critical confidential and security data breaches
    • Explainable and Trusted Answers: Programmed to deliver decision-support information with verifiable documentation and accurate citations
    • Flexible deployment: Able to be deployed and operated on-premise, at the edge, and with zero internet connectivity; KrakenAI can run inference on pre-trained models without internet access, providing real-time insights by caching mission-relevant data locally.

    Customers

    • DOD
    • Other government agencies
    • Administrative IT departments in tech companies, financial institutions, and healthcare institutions

    TACTICS

    SBIR Topic: Accelerated Learning Model for Increased Strategic and Tactical Decision Making Using Multi-player Games (N211-082)
    Internal Project Name: TACTICS
    Dates of Contract: 7 JUN 2021 – 7 DEC 2021
    Contract Number: ********C0415

    Read More

    IntelliGenesis developed a multiplayer game to accelerate learning and mastery of strategic and tactical urban combat skills for active-duty warfighters, internally called Tactical Analytical Cognitive Training for Interactive Combat Simulation (TACTICS) (SBIR Phase I). TACTICS is a first-person shooter (FPS), developed using the Unity game engine, which places the player in realistic combat situations which test their situational awareness, communication skills, and tactical decision-making. TACTICS provides the ability to train anywhere, even from home. By not requiring advanced hardware or software, TACTICS makes urban combat training readily available. This enables much more training repetition, resulting in increased proficiency in the trained skills over a shorter time period.

    Technologies

    • Game Design: Game objectives and feedback mechanisms to provide the user an engaging training environment
    • Behavioral Modeling: Creating in-game agents that behave like real humans
    • Potential Future: Developing new strategies through Reinforcement Learning AI techniques where the game learns how to play itself by playing millions of times against an ever-improving version of itself. This is the same technique used to train the best Chess and Go AI agents.

    Differentiators

    • Individualized Specific Feedback: Players receive more than just a score and basic statistics after a mission. They receive specific feedback that describes improvements based on the actions they performed during play.
    • Spectator Mode: Non-players (such as a commander or instructor) can observe the gameplay live without interacting with players or adversaries, enabling human commentary and feedback as well. In the future we can also allow users to watch replays with DVR style controls.
    • De-emphasized mechanical skill: Mouse and keyboard skill does not translate to real urban combat proficiency and is not what we want to train. We deemphasize its importance by not requiring pinpoint accuracy in shooting that is typical of other FPS games.
    • Enemy AI: Enemies have multiple behavioral profiles, with the capability to add more. This alleviates need for role players and enables more accurate scenario planning by using behavior profiles appropriate to the expected adversary.
    • Playable Small Scale: This is designed for a standard 4 player fire team (but can scale to much larger, at least 8). It also has minimal system requirements. Any typical modern laptop could run it fine, and you just need a network connection to play with others. No top end gaming computer needed, and no central server that it must call home to.

    Customers

    • DOD
    • Law Enforcement
    • Bohemia Interactive

    CYBERSPAN®

    SBIR Topic: Machine Learned Cyber Threat Behavior Detection (SCO 203-001)
    Internal Project Name: CYBERSPAN®
    Dates of Contract: 20 DEC 2021 – 19 DEC 2023
    Contract Number: ********C0006

    CYBERSPAN® is accessible to both government and commercial customers through our IG Labs Products page, or to government-only customers on the Tradewinds Solutions Marketplace which demonstrates multiple use cases in which we provide Defense Industrial Base (DIB) Small Businesses with a capability to constantly analyze their network’s behavior to identify potential threats and anomalies. IntelliGenesis was recognized among a competitive field of applicants whose solutions demonstrate innovation, scalability, and potential impact on DoD missions.

    Read More

    One of CYBERSPAN®’s primary objectives is to provide fundamental cyber protection for small to medium sized Defense Industrial Base (DIB) companies in the DoD supply chain that do not have the resources and expertise to secure their own networks. It protects against malicious and anomalous activities that could compromise DoD data and intellectual property. CYBERSPAN® is a plug and play solution at the network boundary that can be installed and run without the maintenance burden.

    Technologies

    • Network Traffic Analysis: Captures and analyzes all traffic on the user’s network. Unsupervised Anomaly Detection: CYBERSPAN® learns what is normal for your network without being told. Then it will alert users to anomalous traffic that does not match its learned norms.
    • Malicious Attack Identification: Traffic and anomalies matching known malicious patterns are mapped to MITRE ATT&CK Framework Tactics, Techniques, and Procedures (TTPs)
    • Integration with Other Intrusion Detection Systems: Generates events and adjusts priority based on enrichment data from other IDS’s such as Suricata.

    Differentiators

    • Agent-less Setup: CYBERSPAN® does not require agents installed on every system. It operates at the network switch. This reduces maintenance and system administration burden while also providing results for networks where administrators do not control all the devices (such as open Wi-Fi at airports or hospitals).
    • Does not decrypt traffic: Users’ privacy is preserved as CYBERSPAN® does not decrypt or view the content of network traffic. It operates only on metadata such as to/from IPs, ports, and packet sizes.
    • Detects anomalous traffic on non-traditional network devices: Devices such as Smart TVs, Alexas, and Google Homes generate network traffic, but cannot be monitored by traditional agent-based network security systems. CYBERSPAN® is able to collect and analyze this traffic and highlight anomalies.

    Customers

    • Small to Medium size businesses without cybersecurity expertise on staff
    • DOD/DC3
    • Locations which provide free and open Wi-Fi
      • Airports
      • Hospitals
      • Hotels

    WATCHTOWER

    STTR Topic: Human Behavior Analytics Tool (HBAT)
    Internal Project Name: WATCHTOWER:
    Dates of Contract: 8 JUN 2020 – 8 JAN 2021
    Contract Number: ******-**-P-0012

    Read More

    IntelliGenesis LLC developed WATCHTOWER (STTR Phase 1), a tool using AI to make suicide risk predictions based on personnel records instead of medical records. These records are readily available for all service members and regularly updated, whereas individuals’ medical records may only exist for issues brought up by the subjects, themselves. Generating accurate predictions based on personnel records would have a dramatic impact on the ability to help potential victims before it is too late. The ability to utilize new data sources in addition to medical records will also drastically expand the breadth of potential indicators that can be detected and addressed.

    Technologies

    • Suicide Prevention AI: Uses multiple AI models to predict an employee’s level of risk for suicide based on personnel data (demographics, age, salary, leave usage, performance reviews, etc.)
    • Dashboard Visualization: Customizable visualization of highest risk employees and employees with largest changes over the last week/month
    • Natural Language Processing (NLP): Analyzes plain unstructured text performance reviews for sentiment and incorporates that into the risk assessment.

     Differentiators

    • Dr. Craig Bryan, Ohio State University: Dr. Bryan is a worldwide leader on veteran suicide and a veteran himself. He has published over 100 works on the topic. He consulted with us extensively and contributed to algorithm and interface design. Upon completion of the project, he said he was very willing to work with us in the future on this or other related projects.
    • Personnel data: Countless studies have been done using medical data as input to the AI models. But medical data tends to be incomplete and is much harder to access legally. Personnel data (especially in the military/DOD use case) is much more abundant, complete, and accessible making it a potentially stronger data set.
    • Multiple models combined: Rather than just one AI model, our system is designed to be flexible and work with multiple models as plug and play modules that can be changed based on the data available to any particular customer.

    Customers

    • DOD
    • Reserves
    • Law Enforcement

    RIALTO

    SBIR Topic: Forensic Models of Cyberspace Behaviors (N19A-T021)
    Internal Project Name: RIALTO
    Dates of Contract: 3 JUN 2019 – 9 DEC 2019
    Contract Number: ********C0350

    Read More

    Advanced Persistent Threats (APTs) use a variety of methods to disrupt and destroy cyber operations of their targets but, by performing a deeper examination of these methods, we can discern new information and connections between APTs to better protect against attacks. RIALTO is a tool designed to predict the cyber behavior of APTs by looking at the Tactics, Techniques, and Procedures (TTPs) used by similar APTs. By modeling their historical TTP use and applying advanced machine learning techniques, we can predict what kinds of attacks an APT may launch in the future.

    In this project, we utilize TTPs documented in MITRE’s ATT&CK Framework to develop threat models which illuminate the hidden relationships and commonalities between separate APTs and allow us to predict possible future activity. By applying clustering techniques, we determine peer groups of similar APTs based on their unique combinations of TTP usage. These TTPs range broadly from highly technical methods such as DLL hijacking, to social engineering techniques like Spearphishing. In the future, we will soon expand this to include specific software usage and known targets. Using these peer groups and collaborative filtering techniques, we can develop “recommended” TTPs for an APT: TTPs that groups similar to them have used and that we can expect the new APT to use in the future.

    Predicting future TTPs can enable targeted organizations to better prepare their networks and users for attacks. Software updates can be prioritized based on likely attack vectors and users can be alerted to specific potential methods attackers may use to gather their information.

    These predictions are also incorporated in our “Attacker Search” capability in which the user can enter known information about a cyber threat (such as TTPs used, target, purpose, etc.) and receive a list of possible APTs that match that criteria. RIALTO incorporates trusted APT data and pulls the latest threat information from the MITRE ATT&CK database (attack.mitre.org) and MISP Threat Intelligence (misp-project.org). This feature enables users to quickly attribute attacks based on the historical footprint of APTs.

    Technologies

    • Recommender Systems: Collaborative filtering machine learning models use similarity between APTs to predict future behavior
    • Cyber Early Warning: Provides advanced notice of future attacks that cyber defenders can use to prioritize defensive measures and software patching
    • Cyber Attack Attribution: Find malicious cyber threat groups who’s past activities matches a user-defined profile

  • Differentiators

    • Integration with MITRE ATT&CK Framework: ATT&CK is the standard for defining cyber-attack vectors and vulnerabilities. RIALTO speaks that language.
    • APT Biographical Information Enrichment: ATT&CK’s data is enriched with other data about APTs such as their known targets, suspected state sponsors, and motives to improve prediction accuracy.
    • Customizable Architecture: The system is designed to allow users to create their own sandbox of known APT and TTP data and run predictions based on these datasets which may not be publicly available.

    Customers

    • DOD
    • Other government agencies
    • Defense Industry Partners (anyone who may be targeted by an APT)

    • Industry

    IntelliGenesis is proud to team with industry leaders whose innovative ideas and connections help us deliver advanced services and products to improve customer missions. For support with your next project, contact us anytime!