Contracts
Team with IntelliGenesis
IntelliGenesis supports numerous active contracts across a wide variety of DoD and commercial customers. For details on some of our federal contracts and information on how to acquire our products, services and expertise, check out the descriptions below.
Government/Commercial
Vehicles
GSA Multiple Award Schedule (MAS)
Period of Performance: 16 AUG 2016 – 15 AUG 2036
Contract Number: GS-35F-460DA
The GSA MAS contract vehicle consolidates 24 previous GSA Schedule contracts and over 900 Special Item Numbers (SINs) into a single contract vehicle with better-defined service areas. GSA MAS provides customers an intuitive platform to find Contractors with the products and services they need for mission-critical operations. Click here to view IntelliGenesis’ current Pricelist for SINs:
- 54151HACS – Highly Adaptive Cybersecurity Services
- 54151S – Information Technology Professional Services
- 611420 – Information Technology Training
We also offer a range of cybersecurity training programs for classes of any size:
- Security Onion Basic Course
- Security Onion 2: Fundamentals for Analysts & Admins
- Security Onion 2: Detection Engineering and Analysis In-Depth
- Basic Malware Analysis
- Introduction to Python
- Cyber Threat Intelligence Tradecraft
- Applied Data Science for Cyber Operations
GSA MAS Past Performance
Directorate of Intelligence (J2) Intelligence Operation Support
Period of Performance: 30 SEPT 2018-29 SEPT 2022 (original contract) / 30 SEPT 2022-29 SEPT 2027 (recompete)
Contract Number: #HC102818F1665 (original contract) / #HC102822F1177 (recompete)
Differentiators:
- Cross Functional Teams (CFT): Newly created CFTs have improved the management of nation-state threat actor activities and overall defensive posture across the DODIN.
- Cyber Plans, Training, and Exercises: IntelliGenesis’ exercise planners perform multiple functions, such as synthesizing inter-agency training objectives into Joint Master Scenario Event Lists that help the JFHQ-DODIN deliver complex cyber exercises and increase operator readiness.
AI Talent 2.0 Basic Ordering Agreement (BOA)
Period of Performance: 6 MAY 2023 – 5 MAY 2028
Contract Number: W519TC-23-G-0024
The AI Talent 2.0 contract vehicle is focused on strengthening and integrating data, artificial intelligence, and digital solutions across the DoD by building a strong foundation for data, analytic, and AI-enabled capabilities to be developed and fielded at scale. Part of this foundation is ensuring the DoD has the necessary people, platforms, and processes needed to continuously provide business leaders and warfighters with agile solutions. The BOA is decentralized and open to all DoD agencies. Task orders may be awarded by utilizing a local contracting office or, if no contracting office exists, by contacting Army Contracting Command – Rock Island (ACC-RI) for acquisition support. Contracting Offices shall utilize the AI Talent 2.0 Ordering Guide for the preparation, solicitation, evaluation, and award of task orders.
DoD Defense Cyber Crime Center (DC3) Enhanced Cyber Defense Sensor Program
Period of Performance: 15 SEP 2023 – 14 SEP 2028
Contract Number: xxxxxxxxx0008
In response to persistent and increasingly sophisticated malicious cyberspace campaigns that aim to compromise critical defense information residing on Defense Industrial Base (DIB) networks, the DC3 contract vehicle was established to defend the DIB from cyber adversaries that aim to compromise defense information and threaten national security interests. Under DC3, IntelliGenesis develops comprehensive solutions for cyber defense composed of physical and virtualized network sensors that utilize a combination of machine learning/artificial intelligence, advanced analytics as well as rule-based, signature-based, heuristics-based, and behavioral-based detection to detect suspicious activities on DIB networks. Our solutions are scalable and tailored to meet the needs of each participating DIB partner, whether a small company with limited IT resources or a mid-size company with a mature framework for cyber defense.
Ordering available through DC3’s DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) website (https://www.dc3.mil/).
Email: dc3.dcise@us.af.mil.
Phone: 410-981-0104.
SBIR/STTR
RIALTO
SBIR Topic: Forensic Models of Cyberspace Behaviors (N19A-T021)
Internal Project Name: RIALTO
Dates of Contract: 3 JUN 2019 – 9 DEC 2019
Contract Number: ********C0350
Advanced Persistent Threats (APTs) use a variety of methods to disrupt and destroy cyber operations of their targets but, by performing a deeper examination of these methods, we can discern new information and connections between APTs to better protect against attacks. RIALTO is a tool designed to predict the cyber behavior of APTs by looking at the Tactics, Techniques, and Procedures (TTPs) used by similar APTs. By modeling their historical TTP use and applying advanced machine learning techniques, we can predict what kinds of attacks an APT may launch in the future.
In this project, we utilize TTPs documented in MITRE’s ATT&CK Framework to develop threat models which illuminate the hidden relationships and commonalities between separate APTs and allow us to predict possible future activity. By applying clustering techniques, we determine peer groups of similar APTs based on their unique combinations of TTP usage. These TTPs range broadly from highly technical methods such as DLL hijacking to social engineering techniques like spearphishing. We will soon expand this to include specific software usage and known targets. Using these peer groups and collaborative filtering techniques, we can develop “recommended” TTPs for an APT: TTPs that groups similar to it have used and that we can expect the new APT to use in the future.
Predicting future TTPs can enable targeted organizations to better prepare their networks and users for attacks. Software updates can be prioritized based on likely attack vectors and users can be alerted to specific potential methods attackers may use to gather their information.
These predictions are also incorporated in our “Attacker Search” capability, in which the user can enter known information about a cyber threat (such as TTPs used, target, purpose, etc.) and receive a list of possible APTs that match those criteria. RIALTO incorporates trusted APT data and pulls the latest threat information from the MITRE ATT&CK database (attack.mitre.org) and MISP Threat Intelligence (misp-project.org). This feature enables users to quickly attribute attacks based on the historical footprint of APTs.
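The peer-group recommendation and the “Attacker Search” ranking described above can be sketched as follows. This is an added example, not RIALTO's code: it substitutes Jaccard nearest neighbours for the clustering step (which the page does not specify), and the group names, technique assignments and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: hypothetical groups mapped to ATT&CK technique IDs.
# Group names and assignments are illustrative, not real attribution data.
GROUP_TTPS = {
    "GROUP-A": {"T1566", "T1059", "T1053", "T1003"},
    "GROUP-B": {"T1566", "T1059", "T1053", "T1071"},
    "GROUP-C": {"T1566", "T1059", "T1003", "T1027"},
    "GROUP-D": {"T1574", "T1486", "T1027"},
}

def jaccard(a, b):
    """Set overlap in [0, 1]; 0.0 when both sets are empty."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def peer_groups(observed, groups=GROUP_TTPS, exclude=None):
    """Rank known groups by TTP similarity to an observed technique set.
    Used on its own, this is the attribution-style search by TTP profile."""
    scored = [(name, jaccard(observed, ttps))
              for name, ttps in groups.items() if name != exclude]
    return sorted(scored, key=lambda item: (-item[1], item[0]))

def recommend_ttps(observed, groups=GROUP_TTPS, exclude=None, k=2):
    """User-based collaborative filtering: score each technique not yet
    observed by the summed similarity of the k nearest peers that use it."""
    scores = defaultdict(float)
    for name, sim in peer_groups(observed, groups, exclude)[:k]:
        if sim == 0.0:
            continue  # unrelated groups contribute nothing
        for ttp in groups[name] - observed:
            scores[ttp] += sim
    return sorted(scores.items(), key=lambda item: (-item[1], item[0]))

if __name__ == "__main__":
    seen = {"T1566", "T1059", "T1053"}  # constructed: techniques observed so far
    print(peer_groups(seen))            # closest known groups first
    print(recommend_ttps(seen))         # techniques to prioritize defenses for
```

Passing `exclude` with a known group's own name gives a leave-one-out check of how well its peers predict the techniques already recorded for it.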
Technologies
- Recommender Systems: Collaborative filtering machine learning models use similarity between APTs to predict future behavior
- Cyber Early Warning: Provides advanced notice of future attacks that cyber defenders can use to prioritize defensive measures and software patching
- Cyber Attack Attribution: Find malicious cyber threat groups whose past activities match a user-defined profile
Differentiators
- Integration with MITRE ATT&CK Framework: ATT&CK is the standard for defining cyber-attack vectors and vulnerabilities. RIALTO speaks that language.
- APT Biographical Information Enrichment: ATT&CK’s data is enriched with other data about APTs such as their known targets, suspected state sponsors, and motives to improve prediction accuracy.
- Customizable Architecture: The system is designed to allow users to create their own sandbox of known APT and TTP data and run predictions based on these datasets which may not be publicly available.
Customers
- DOD
- Other government agencies
- Defense Industry Partners (anyone who may be targeted by an APT)