IntelliGenesis supports numerous active contracts across a wide variety of DoD and commercial customers. For details on some of our federal contracts and information on how to acquire our products, services and expertise, check out the descriptions below.



GSA Multiple Award Schedule (MAS) 

Period of Performance: 16 AUG 2016 – 15 AUG 2036
Contract Number: GS-35F-460DA

Read More

The GSA MAS contract vehicle consolidates 24 previous GSA Schedule contracts and over 900 Special Item Numbers (SIN) into a single contract vehicle with better defined service areas. GSA MAS provides customers an intuitive platform to find Contractors with the products and services they need for mission-critical operations. Click here to view IntelliGenesis’ current Pricelist for SINs: 

  • 54151HACS – Highly Adaptive Cybersecurity Services 
  • 54151S – Information Technology Professional Services 
  • 611420 – Information Technology Training  

We also offer a range of cybersecurity training programs for classes of any size: 

  • Security Onion Basic Course 
  • Security Onion 2: Fundamentals for Analysts & Admins 
  • Security Onion 2: Detection Engineering and Analysis In-Depth 
  • Basic Malware Analysis 
  • Introduction to Python 
  • Cyber Threat Intelligence Tradecraft 
  • Applied Data Science for Cyber Operations 

    GSA MAS Past Performance
    Directorate of Intelligence (J2) Intelligence Operation Support

    Period of Performance: 30 SEPT 2018-29 SEPT 2022 (original contract) / 30 SEPT 2022-29 SEPT 2027 (recompete)
    Contract Number: #HC102818F1665 (original contract) / #HC102822F1177 (recompete)

    IntelliGenesis’ J2 contract plans, coordinates, integrates, and synchronizes full spectrum analysis and production of all-source intelligence to support JFHQ-DODIN’s ability to direct the operation of defense of the DODIN. Our J2 Intelligence Operation Support contract provides defensive cybersecurity operations services including intelligence analysis, threat attribution and response, and cyber forensic examination (cyber defense technical analysis). Our analysts monitor overall security of the DoD information network to include providing Indicators of Compromise (IOC) and potential threat adversary activity; provide analysis of Information Assurance/ Computer Network Defense activities on DoD systems and make recommendations for JFHQ-DODIN defensive actions to protect the DODIN.

    • Differentiators:
      • Cross Functional Teams (CFT): Newly created CFTs have improved the management of nation-state threat actor activities and overall defensive posture across the DODIN
      • Cyber Plans, Training, and Exercises: IntelliGenesis’ exercise planners perform multiple functions like synthesizing inter-agency training objectives into Joint Master Scenario Event Lists that help the JFHQ-DODIN deliver complex cyber exercises and increase operator readiness.

    AI Talent 2.0 Basic Ordering Agreement (BOA) 

    Period of Performance:  6 MAY 2023 – 5 MAY 2028 
    Contract Number: W519TC-23-G-0024 

    Read More

    The AI Talent 2.0 contract vehicle is focused on strengthening and integrating data, artificial intelligence, and digital solutions across the DoD by building a strong foundation for data, analytic, and AI-enabled capabilities to be developed and fielded at scale. Part of this foundation is ensuring the DoD has the necessary people, platforms, and processes needed to continuously provide business leaders and warfighters with agile solutions. The BOA is decentralized and open to all DoD agencies and may be awarded from by utilizing a local contracting office or by contacting Army Contracting Command – _Rock Island (ACC-RI) for acquisition support if no contracting office exists. Contracting Offices shall utilize the AI Talent 2.0 Ordering Guide for the preparation, solicitation, evaluation, and award of task orders. 

    DoD Defense Cyber Crime Center (DC3) Enhanced Cyber Defense Sensor Program

    Period of Performance: 15 SEP 2023 – 14 SEP 2028
    Contract Number: FA714623R0008

    Read More

    In response to persistent and increasingly sophisticated malicious cyberspace campaigns that aim to compromise critical defense information residing on Defense Industrial Base (DIB) networks, the DC3 contract vehicle was established to defend the DIB from cyber adversaries that aim to compromise defense information and threaten national security interests. Under DC3, IntelliGenesis develops comprehensive solutions for cyber defense composed of physical and virtualized network sensors that utilize a combination of machine learning/artificial intelligence, advanced analytics as well as rule-based, signature-based, heuristics-based, and behavioral-based detection to detect suspicious activities on DIB networks. Our solutions are scalable and tailored to meet the needs of each participating DIB partner, whether a small company with limited IT resources or a mid-size company with a mature framework for cyber defense. 

    Ordering available through DC3’s DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) website (
    Phone: 410-981-0104.



    SBIR Topic: Forensic Models of Cyberspace Behaviors (N19A-T021)
    Internal Project Name: RIALTO
    Dates of Contract: 3 JUN 2019 – 9 DEC 2019
    Contract Number: ********C0350

    Read More

    Advanced Persistent Threats (APTs) use a variety of methods to disrupt and destroy cyber operations of their targets but, by performing a deeper examination of these methods, we can discern new information and connections between APTs to better protect against attacks. RIALTO is a tool designed to predict the cyber behavior of APTs by looking at the Tactics, Techniques, and Procedures (TTPs) used by similar APTs. By modeling their historical TTP use and applying advanced machine learning techniques, we can predict what kinds of attacks an APT may launch in the future.

    In this project, we utilize TTPs documented in MITRE’s ATT&CK Framework to develop threat models which illuminate the hidden relationships and commonalities between separate APTs and allow us to predict possible future activity. By applying clustering techniques, we determine peer groups of similar APTs based on their unique combinations of TTP usage. These TTPs range broadly from highly technical methods such as DLL hijacking, to social engineering techniques like Spearphishing. In the future, we will soon expand this to include specific software usage and known targets. Using these peer groups and collaborative filtering techniques, we can develop “recommended” TTPs for an APT: TTPs that groups similar to them have used and that we can expect the new APT to use in the future.

    Predicting future TTPs can enable targeted organizations to better prepare their networks and users for attacks. Software updates can be prioritized based on likely attack vectors and users can be alerted to specific potential methods attackers may use to gather their information.

    These predictions are also incorporated in our “Attacker Search” capability in which the user can enter known information about a cyber threat (such as TTPs used, target, purpose, etc.) and receive a list of possible APTs that match that criteria. RIALTO incorporates trusted APT data and pulls the latest threat information from the MITRE ATT&CK database ( and MISP Threat Intelligence ( This feature enables users to quickly attribute attacks based on the historical footprint of APTs.


    • Recommender Systems: Collaborative filtering machine learning models use similarity between APTs to predict future behavior
    • Cyber Early Warning: Provides advanced notice of future attacks that cyber defenders can use to prioritize defensive measures and software patching
    • Cyber Attack Attribution: Find malicious cyber threat groups who’s past activities matches a user-defined profile • Differentiators
    • Integration with MITRE ATT&CK Framework: ATT&CK is the standard for defining cyber-attack vectors and vulnerabilities. RIALTO speaks that language.
    • APT Biographical Information Enrichment: ATT&CK’s data is enriched with other data about APTs such as their known targets, suspected state sponsors, and motives to improve prediction accuracy.
    • Customizable Architecture: The system is designed to allow users to create their own sandbox of known APT and TTP data and run predictions based on these datasets which may not be publicly available.


    • DOD
    • Other government agencies
    • Defense Industry Partners (anyone who may be targeted by an APT)


    SBIR Topic: Accelerated Learning Model for Increased Strategic and Tactical Decision Making Using Multi-player Games (N211-082)
    Internal Project Name: TACTICS
    Dates of Contract: 7 JUN 2021 – 7 DEC 2021
    Contract Number: ********C0415

    Read More

    IntelliGenesis developed a multiplayer game to accelerate learning and mastery of strategic and tactical urban combat skills for active-duty warfighters, internally called Tactical Analytical Cognitive Training for Interactive Combat Simulation (TACTICS)(SBIR Phase I). TACTICS is a first-person shooter (FPS), developed using the Unity game engine, which places the player in realistic combat situations which test their situational awareness, communication skills, and tactical decision-making. TACTICS provides the ability to train anywhere, even from home. By not requiring advanced hardware or software, TACTICS makes urban combat training readily available. This enables much more training repetition, resulting in increased proficiency in the trained skills over a shorter time period.


    • Game Design: Game objectives and feedback mechanisms to provide the user an engaging training environment
    • Behavioral Modeling: Creating in-game agents that behave like real humans
    • Potential Future: Developing new strategies through Reinforcement Learning AI techniques where the game learns how to play itself by playing millions of times against an ever-improving version of itself. This is the same technique used to train the best Chess and Go AI agents.


    • Individualized Specific Feedback: Players receive more than just a score and basic statistics after a mission. They receive specific feedback that describes improvements based on the actions they performed during play.
    • Spectator Mode: Non-players (such as a commander or instructor) can observe the gameplay live without interacting with players or adversaries, enabling human commentary and feedback as well. In the future we can also allow users to watch replays with DVR style controls.
    • De-emphasized mechanical skill: Mouse and keyboard skill does not translate to real urban combat proficiency and is not what we want to train. We deemphasize its importance by not requiring pinpoint accuracy in shooting that is typical of other FPS games.
    • Enemy AI: Enemies have multiple behavioral profiles, with the capability to add more. This alleviates need for role players and enables more accurate scenario planning by using behavior profiles appropriate to the expected adversary.
    • Playable Small Scale: This is designed for a standard 4 player fire team (but can scale to much larger, at least 8). It also has minimal system requirements. Any typical modern laptop could run it fine, and you just need a network connection to play with others. No top end gaming computer needed, and no central server that it must call home to.


    • DOD
    • Law Enforcement
    • Bohemia Interactive: This company makes the Virtual Battle Space (VBS) series of training simulation. VBS is already used by the US military and dozens of others around the world. VBS is a much much larger scale and full featured version of what TACTICS is trying to do, but it is missing some of the smaller features that make TACTICS unique. As far as I can tell it doesn’t have any automated feedback piece and I’m not sure how their shooting mechanics work. They also work best with large scale server architecture supporting dozens to hundreds of players, I don’t think they’re an option for playing a quick game in your barracks room with a couple of buddies.


    STTR Topic: Human Behavior Analytics Tool (HBAT)
    Internal Project Name: WATCHTOWER:
    Dates of Contract: 8 JUN 2020 – 8 JAN 2021
    Contract Number: ******-**-P-0012

    Read More

    IntelliGenesis LLC developed WATCHTOWER (STTR Phase 1), a tool using AI to make suicide risk predictions based on personnel records instead of medical records. These records are readily available for all service members and regularly updated, whereas individuals’ medical records may only exist for issues brought up by the subjects, themselves. Generating accurate predictions based on personnel records would have a dramatic impact on the ability to help potential victims before it is too late. The ability to utilize new data sources in addition to medical records will also drastically expand the breadth of potential indicators that can be detected and addressed.


    • Suicide Prevention AI: Uses multiple AI models to predict an employee’s level of risk for suicide based on personnel data (demographics, age, salary, leave usage, performance reviews, etc.)
    • Dashboard Visualization: Customizable visualization of highest risk employees and employees with largest changes over the last week/month
    • Natural Language Processing (NLP): Analyzes plain unstructured text performance reviews for sentiment and incorporates that into the risk assessment.


    • Dr. Craig Bryan, Ohio State University: Dr. Bryan is a worldwide leader on veteran suicide and a veteran himself. He has published over 100 works on the topic. He consulted with us extensively and contributed to algorithm and interface design. Upon completion of the project, he said he was very willing to work with us in the future on this or other related projects.
    • Personnel data: Countless studies have been done using medical data as input to the AI models. But medical data tends to be incomplete and is much harder to access legally. Personnel data (especially in the military/DOD use case) is much more abundant, complete, and accessible making it a potentially stronger data set.
    • Multiple models combined: Rather than just one AI model, our system is designed to be flexible and work with multiple models as plug and play modules that can be changed based on the data available to any particular customer.


    • DOD
    • Reserves
    • Law Enforcement


    SBIR Topic: Machine Learned Cyber Threat Behavior Detection (SCO 203-001)
    Internal Project Name: CYBERSPAN
    Dates of Contract: 20 DEC 2021 – 19 DEC 2023
    Contract Number: ********C0006

    CYBERSPAN is accessible to both government and commercial customers through our IG Labs Products page, or to government-only customers on the Tradewinds Solutions Marketplace which demonstrates multiple use cases in which we provide Defense Industrial Base (DIB) Small Businesses with a capability to constantly analyze their network’s behavior to identify potential threats and anomalies. IntelliGenesis was recognized among a competitive field of applicants whose solutions demonstrated innovation, scalability, and potential impact on DoD missions.

    Read More

    One of CYBERSPAN’s primary objectives is to provide fundamental cyber protection for small to medium sized Defense Industrial Base (DIB) companies in the DoD supply chain that do not have the resources and expertise to secure their own networks. It protects against malicious and anomalous activities that could compromise DoD data and intellectual property. CYBERSPAN is a plug and play solution at the network boundary that can be installed and run without the maintenance burden.


    • Network Traffic Analysis: Captures and analyzes all traffic on the user’s network. o Unsupervised Anomaly Detection: CYBERSPAN learns what’s normal for your network without being told. Then it will alert users to anomalous traffic that doesn’t match its learned norms.
    • Malicious Attack Identification: Traffic and anomalies matching known malicious patterns are mapped to MITRE ATT&CK Framework Tactics, Techniques, and Procedures (TTPs)
    • Integration with Other Intrusion Detection Systems: Generates events and adjusts priority based on enrichment data from other IDS’s such as Suricata.


    • Agent-less Setup: CYBERSPAN does not require agents installed on every system. It operates at the network switch. This reduces maintenance and system administration burden while also providing results for networks where administrators do not control all the devices (such as open Wi-Fi at airports or hospitals).
    • Does not decrypt traffic: Users’ privacy is preserved as CYBERSPAN does not decrypt or view the content of network traffic. It operates only on metadata such as to/from IPs, ports, and packet sizes.
    • Detects anomalous traffic on non-traditional network devices: Devices such as Smart TVs, Alexas, and Google Homes generate network traffic, but can’t be monitored by traditional agent-based network security systems. CYBERSPAN is able to collect and analyze this traffic and highlight anomalies.


    • Small to Medium size businesses without cybersecurity expertise on staff
    • DOD/DC3
    • Locations which provide free and open Wi-Fi
      • Airports
      • Hospitals
      • Hotels


    IntelliGenesis is proud to team with industry leaders whose innovative ideas and connections help us deliver advanced services and products to improve customer missions. For support with your next project, contact us anytime!



    Maryland Headquarters
    6950 Columbia Gateway Drive,
    Suite 450 
    Columbia, MD 21046 USA

    Georgia Office
    100 Grace Hopper Lane,
    Suite 3700
    Augusta, GA 30901 USA

    Texas Office
    3331 General Hudnell Dr,
    Suite 3
    San Antonio, TX 78226 USA

    Contact Info:



    DUNS Number
    CAGE Code