SOSSEC, Inc. hosted a Cyber Talk in conjunction with the Project Manager Defensive Cyber Operations, COBRA OTA, inviting DOD, SOSSEC members, and interested companies for an informational and educational discussion led by Exiger.

Event Title
Surviving on a Diet of Poisoned Fruit: FOCI in the Software Supply Chain

Date
Thursday, 6 March 2025, 1300-1500 hours ET

Speaker:
Ms. JC Herz – SVP Exiger Cyber Supply Chain

Event Description
We live in a world where rapid adaptation requires dual-use technology, including proprietary firmware and open-source software components that are developed, maintained, or controlled partially or fully by nation-state affiliates. State-of-the-art commercial supply-chain analytics can rapidly illuminate the extent of foreign adversarial penetration of the supply chain for foundational software dependencies. But no one wants to see risks they can’t manage. So the question is: what do we do? How do we govern and risk-mitigate code that we can’t rip out and/or that our vendors and contractor-staffed software factories – and our AI/ML programs – can’t or won’t give up?

Who Should Attend?
This event is open to the public for those eager to enhance the effectiveness of the Department of the Army Defense Cyber Operations (DCO) cyberspace and cybersecurity infrastructure through critical research, experiments, development, testing, and the development of innovative technologies. US Government (military and civilian), contractors, SOSSEC members, and non-members are encouraged and welcome to attend to learn more about successful technology collaboration from these Cyber Talk briefings. The recommended audience is program managers, development teams, engineers, architects, security managers, security specialists, system administrators, and analysts who work in DoD cyberspace.

About The Consortium
The Army’s Cyber Operations Broad Responsive Agreement (COBRA) aims to spur innovative development, demonstration, and expedited delivery of prototypes for Warfighter readiness. When awarded an Other Transaction Authority (OTA), there is a requirement to join the System of Systems Consortium (SOSSEC), the consortium manager for Program Executive Office – Intelligence, Electronic Warfare & Sensors (PEO IEW&S). For more information on joining the consortium, please go to www.sossecinc.com.

Full Meeting Link
https://events.gov.teams.microsoft.us/event/8d3ec939-7dd9-4ff7-a8b1-72e9f12cd3d5@4a165eb0-e365-4af6-8b94-a2c9f57645c0

Questions?
Any questions about the event or joining the consortium can be directed to Alex Comeau of SOSSEC, Inc. at acomeau@sossecinc.com.

·       CO-23-0005_VIPER Announcement Final

·       CO-23-0005_Appendix 001_Statement of Objectives Final

·       COBRA Flow Down Articles Questions and Submissions Questions should be directed to the following points of contact:

• Gene Del Coco, SOSSSEC Inc., edelcoco@sossecinc.com, 570-236-9889
• Alex Mc Wade, SOSSEC Inc., amcwade@sossecinc.com, 603-247-7535

Submissions shall be uploaded to the Vulcan Technology Platform for collection and evaluation. Submissions shall be uploaded by the due date and time at the following link:

https://vulcan-sof.com/login/ng2/submission?collectionUuid=b8b922d6-1c02-43cd-a725-d36e86cec888

INTRODUCTION
Army Contracting Command – Rock Island (ACC-RI), in collaboration with Project Manager Defensive Cyber Operations (PM DCO), Product Manager Cyber Applications and Detection (PdM CAD) and the SOSSEC Consortium, with SOSSEC, Inc., is seeking a solution to foster technological innovation relevant to the capability gap identified in this announcement.

In accordance with 10 U.S.C. § 4022 The term “prototype project” includes a project that addresses-

(A) a proof of concept, model, or process, including a business process;
(B) reverse engineering to address obsolescence;
(C) a pilot or novel application of commercial technologies for defense purposes;
(D) agile development activity;
(E) the creation, design, development, or demonstration of operational utility; or
(F) any combination of subparagraphs (A) through (E).

This announcement uses a multiple-phase competitive down-select that may result in the award of a single prototype project or multiple prototype projects. Dates listed in this announcement are tentative and subject to change based on actual progress made through each phase of selection. This project is entered to solve the capability gap through a pilot or novel application of commercial technologies for defense purposes, an agile development activity, or any combination of the above definitions.

Daedalus is designed to be a “Solution Focus” pilot that allows the government access to “Bleeding Edge” technology, while lowering risks and encouraging innovation. Daedalus is a pilot that allows organizations to test and evaluate immature or emerging technologies that are not currently in the government space. Daedalus will foster meaningful collaboration between Government, Industry, and Academia to identify and develop enabling technologies necessary to broaden capabilities on the Information Technology and Cyberspace domain and to ensure the highest level of readiness for the Army’s Warfighters.

SOSSEC will begin receiving Capability Statements on Oct 5th, 2022. Only Consortium Members are eligible for consideration. These Capability Statements, if down selected, will populate a pool of Consortium Partner Members, interested in reviewing Problem Statements and proposing Industry ideas to the Daedalus Team for possible awards to be delivered. The ACT and the Daedalus Team will be evaluating Capability Statements starting October 5th through Oct 23rd, 2022. The call for Capability Statements by SOSSEC and ACT will remain open continuously and competitive for down selection to the Partner Pool and against Sprint selections. However, the establishment of a pool of its initial Partner Members is a priority through Oct 23, 2022.

SOSSEC is interested in Consortium Member feedback, comments and suggestions to this new Program Description and Workflow. At your earliest opportunity and through the month of Oct 2022, please send your comments to eaguirre@sossecinc.com.

We appreciate your attention and interest DCO COBRA activities.

General questions may be directed to eaguirre@sossecinc.com or edelcoco@sossecinc.com.

Army Civilian Cyber Learning Management
Decision Support System (ACCLMDSS)
Announcement

Virtual Q&A Session: July 26, 2022

Initial White Paper Submission Deadline: August 1, 2022

INTRODUCTION
The U.S. Army Civilian Career Management Activity (ACCMA) and the Project Manager Defensive Cyber Operations (PM DCO), in collaboration with SOSSEC, Inc. as the Cyberspace Operations Broad Response Agreement (COBRA) Consortium Manager, seeks innovative solutions relevant to the capability gap identified in this Announcement. In this context, innovative means any new technology, process, or business practice, or any new application of an existing technology, process, or business practice that enhances mission effectiveness for ACCMA.

This Announcement is considered a competitive process and includes multiple phases, including the submission of White Papers (Phase I); One-on-One Discussions and Demonstrations (Phase II); and Final Down-Select and Finalization of Agreement(s) (Phase III). Potential prototype projects will be directly relevant to enhancing ACCMA’s mission effectiveness. This announcement may result in the award of prototype project(s) from this multi-phased competitive process. Please note the dates listed in this Announcement are tentative dates that are subject to change based on actual progress through each phase of selection.

Project Manager Defensive Cyber Operations (PM DCO) in collaboration with SOSSEC, Inc. is seeking solutions for commercial technologies to foster technological innovation relevant to the capability gap identified in this Announcement. In this context, innovative means any new technology, process, or business practice, or any new application of an existing technology, process, or business practice that that enhances mission effectiveness for PM DCO.

This Announcement is considered a competitive process and includes multiple phases for selection through a rodeo. Potential prototype projects will be directly relevant to enhancing the effectiveness of the PM DCO Army Cyber Mission Forces. This announcement may result in the award of prototype project(s) as a result of this multi-phased competitive process. Please note the dates listed in this Announcement are tentative dates and may be subject to change based on actual progress made through each phase of selection.

Introduction:
Project Manager Defensive Cyber Operations (PM DCO) in collaboration with SOSSEC, Inc. is seeking solutions for commercial technologies to foster technological innovation relevant to the capability gap identified in this announcement. In this context, innovative means any new technology, process, or business practice, or any new application of an existing technology, process, or business practice that enhances mission effectiveness for PM DCO.

This Announcement is considered a competitive process and includes multiple phases for selection. Potential prototype projects will be directly relevant to enhancing the effectiveness of the PM DCO and Army Cyber Mission Forces. This announcement may result in the award of a prototype project or projects as a result of this multi-phased competitive process. Please note the dates listed in this Announcement are tentative dates and may be subject to change based on actual progress made through each phase of selection.

This project will follow an aggressive timeline.

The instructions for Scout Card preparation and submission and the URL for VULCAN are contained within the project announcement attachment.

  Click here for presentation materials 10/7/2021 Fortinet A Foot in Both Camps – A Different Perspective on Cyber Click here for presentation materials 9/2/2021 VMWare Carbon Black Global Threats on the Rise: Navigating APT41 Click here for presentation materials 8/5/2021 ManTech Digital Twins – Operationally Realistic, High-Fidelity Environments Made Easy Click here for presentation materials 7/15/2021 Elastic Security Extended Detection and Response (XDR): The convergence of endpoint protection, detection, and response and SIEM. Click here for presentation materials 6/17/2021 Carahsoft/NVIDIA How Parallelized Compute Fuels Artificial Intelligence Click here for presentation materials 6/3/2021 GuidePoint Security How To Revisit And Continue The Zero Trust Journey Post COVID-19 Click here for presentation materials 5/20/2021 FireEye From SUNBURST to HAFNIUM: Learning from Past to Prepare for the Future of Cloud and Supply Chain Risks Click here for presentation materials 5/6/2021 Varonis Attackers Prey on Uncertainty – A New Approach to Detecting and Stopping Sophisticated APTs and State Sponsored Attacks Click here for presentation materials 4/1/2021 LogZilla and Axellio The Intersection of Advanced Technologies for Real-Time Countermeasures: Speed of Indexing is the New Determinant of Success Click here for presentation materials 3/18/2021 Crowdstrike Moving from the Right of Boom in Cyber Security to Left of Boom Click here for presentation materials 3/4/2021 Sepio Systems Visibility and Control of all Hardware Assets and Rogue Mitigation Click here for presentation materials 2/4/2021 IBM Data Management at Global Scale – The Art of the Possible Click here for presentation materials 1/7/2021 NetApp Building Data-Centric Applications for a Global DevOps Environment Click here for presentation materials 12/17/2020 FireEye (Verodin/MSV): 5 Steps to Validate Security Performance, Rationalize Investments and Operationalize Intelligence Click here for presentation materials 11/19/2020 Securonix Modernizing the SOC – Integrated SIEM, UEBA, SOAR and Workflows Click here for presentation materials

  10/15/2020 Steel Cloud The Technical Nuts & Bolts of CMMC Click here for presentation materials 10/1/2020 HashiCorp Infrastructure as Code, Security as Code, and Policy as Code for Implementing a Cloud Operating Model Click here for presentation materials 9/17/2020 Nuix Taking Back the Host: State of the Art Endpoint Detection and Investigation Click here for presentation materials 9/3/2020 Sealing Tech Container Insights for DCO Click here for presentation materials 8/27/2020 McAfee Advanced Cyber Threat Defense (ACTD) Click here for presentation materials 8/13/2020 Cisco and Splunk Your end-points are returning to the building-where have they been? Click here for presentation materials 7/23/2020 ARCYBER and DCO ACT Click here for presentation materials 6/24/2020 Security Onion Peel Back the Layers of the Enterprise Click here for presentation materials 5/28/2020 Microsoft Cloud Hosting and Microsoft’s Capabilities Click here for presentation materials 5/14/2020 Amazon Cloud Hosting and Amazon’s Capabilities Click here for presentation materials 4/23/2020 Napatech, Inc. and Axellio Network Capture Hardware Click here for presentation materials 3/31/2020 COBRA OTA Panel COBRA OTA Panel Click here for presentation materials 2/26/2020 FireEye APT28 Russian Threat Group Click here for presentation materials

  Project Announcement Number CO-19-0011 Announcement Type Request for White Papers (RFWP) Federal Agency Name PdM DCO Entity Name SOSSEC, Inc. and the SOSSEC Consortium Release Date 1 April 2019 Closing Date/Time 8 April 2019, 11:00 AM, ET Individual Awards Multiple project awards may be considered under this announcement. The Government reserves the right to select all, part, or none of the proposals received. Instrument Type Firm Fixed Price Project Award with milestone deliverables/payments Anticipated Value Proposals are expected to be bid at a cost commensurate with the level of effort. Period of Performance 6 Months Questions and Submissions All Questions and Proposal submissions must be emailed to ALL of the following SOSSEC personnel:

·     Eugene Del Coco, edelcoco@sossecinc.com

·     John Nunziato, jnunziato@sossecinc.com

·     Debra Paine, dpaine@sossecinc.com

·     John Del Coco, jdelcoco@sossecinc.com

  Attachments: ·        Attachment A:  Flow-Down Articles

·        Attachment B:  SOSSEC Consortium Warranties and Representations

·        Attachment C:  Problem Statement

·        Attachment D:  Quad Chart Instruction

  It is the responsibility of the submitting party to confirm receipt of submissions by SOSSEC, Inc. ]]> https://sossecinc.com/opportunities/cyber-situational-understanding/ Wed, 04 Aug 2021 20:32:54 +0000 https://staging.sossecinc.com/?post_type=opportunities&p=12631 Request for Information (RFI). This RFI is for information and planning purposes only – it does not constitute a Request for Proposal (RFP) or a promise to issue an RFP in the future. The Government may revise its draft requirements at any time, or may elect not to proceed with a procurement.

Contractors are not required to respond to this announcement, but may do so at their own cost. The United States Government will not pay for information requested nor will it compensate any respondent for any cost incurred in developing information provided to the United States Government.

The Government may request a product demonstration in accordance with this RFI later. If a Product demonstration is requested, vendors may be contacted after receipt of RFI responses.  It is required that any of the technologies identified to this RFI be a Technical Readiness Level (TRL) of 6 or higher, and be of either commercial or non-developmental nature.