USA flag logo/image

An Official Website of the United States Government

SBIR Proposal - Hybrid Analysis Mapping (HAM)

Award Information

Agency:
Department of Homeland Security
Branch:
N/A
Award ID:
Program Year/Program:
2013 / SBIR
Agency Tracking Number:
HSHQDC-13-R-00009-H-SB013.1-002-0003-I
Solicitation Year:
2013
Solicitation Topic Code:
H-SB013.1-002
Solicitation Number:
HSHQDC-13-R-00009
Small Business Information
Denim Group, LTD
3463 Magic Drive Suite 315 San Antonio, TX 78229-2992
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2013
Title: SBIR Proposal - Hybrid Analysis Mapping (HAM)
Agency: DHS
Contract: HSHQDC-13-C-00038
Award Amount: $99,953.01
 

Abstract:

Determine the feasibility of developing a system that can reliably and efficiently correlate and merge the results of open-source and commercial automated static and dynamic security scanning technologies, by creating common data structure standards for both automated static and dynamic security scanning results; research and prototype methods of matching the results of automated static and dynamic tools. The goal of Phase I will be to deliver a working prototype that can correlate and merge the results of open-source and commercial automated static and dynamic security scans of web applications. Initial commercialization plans for the results of this research involve integrating it with Denim Group's existing ThreadFix product: a software vulnerability aggregation and management system that helps organizations aggregate vulnerability data, generate virtual patches, and integrate with software defect tracking systems. It is commercialized using a common and tested "open source" business model where the base technology is made available for free under an open source software license. This will increase the adoption of the technology by allowing any organization access to the software without requiring licensing fees. However, organizations that require commercial support for their customized use of the technology can purchase support contracts. In addition, organizations that wish to customize or extend the functionality of the technology will be required to pay for access to these services. Future plans are to make the technology available under a cloud "software as a service" (SaaS) model removing the requirements of configuring, installing and maintaining their own systems.

Principal Investigator:

Dan Cornell
dan@denimgroup.com

Business Contact:

Brian Mather
brian@denimgroup.com
Small Business Information at Submission:

Denim Group, Ltd
3463 Magic Drive, Suite 315 San Antonio, TX 78229-2992

EIN/Tax ID: 260014383
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No