Cyber Missions of National Security Importance

BreakPoint Labs has had the opportunity and privilege to provide cybersecurity services to missions of national security importance. The following projects represent some of the technically proficient, mission-focused cybersecurity services we’ve delivered to our federal clients.


U.S. Army Engineer Research and Development Center (ERDC) Cyber Red Team

Under contract to the U.S. Army Engineer Research and Development Center (ERDC), BreakPoint Labs delivers Cyber Red Team services to help expose risks in IT and operational technology (OT) across the DoD Information Network (DODIN). Supporting the only Department of Defense (DoD) Cyber Red Team focused on critical infrastructure cybersecurity; BreakPoint Labs operators take the role of aggressor, assessor, and tester by emulating adversarial tactics, techniques, and procedures (TTPs) to identify high-impact vulnerabilities posing a risk to mission success. BreakPoint Labs has proudly supported the ERDC Cyber Red Team since its formation back in 2018.

Naval Sea Systems Command (NAVSEA) Naval Surface Warfare Center (NSWC) Dahlgren Division Risk Management Framework (RMF) Technical Services

Under contract to the Naval Sea Systems (NAVSEA) Command, Naval Surface Warfare Center (NSWC), BreakPoint Labs applies the Risk Management Framework (RMF) to deliver technical services like package authorization, creation, and maintenance, along with cybersecurity policy development and security control evaluations. Aligning with the Department's risk-based approach, BreakPoint Labs uses its subject matter expertise to facilitate process standardization and transparency of the system's security vulnerabilities — all ensuring high-quality, authorization-ready RMF packages for the Command.

Department of Health and Human Services (HHS) Office of the Inspector General (OIG) Network Penetration Testing Services

Under contract to the Department of Health and Human Services (HHS), BreakPoint Labs conducts large-scale pen testing as a service across the Department's vast IT infrastructure, including its cloud environments, networking infrastructure, and web applications. BreakPoint Labs' Penetration Testers assess the effectiveness of security controls within mission-critical environments selected by HHS, including hospitals and healthcare campuses, when put up against real-world cyber attacks.

U.S. Army Corps of Engineers (USACE) Security Control Assessor-Validator (SCA-V) Services

Contracted with the U.S. Army Corps of Engineers (USACE), BreakPoint Labs delivered risk assessments and engineering services to the Engineer Research and Development Center (ERDC) Security Control Assessor-Validator (SCA-V) — supporting informed risk-informed decisions by Department of Defense (DoD) and U.S. Army Authorizing Officials (AO). During that time, BreakPoint Labs provided its expertise in DoD cybersecurity assessment policy and guidance by assessing 120+ systems annually. From large enterprise networks (10,000+ endpoints) to weapon systems to critical infrastructure, BreakPoint Labs Security Assessors uncovered security weaknesses and offered technical recommendations to effectively mitigate cyber risks.

Department of Commerce (DOC) Office of the Inspector General (OIG) Covert Red Team Assessment

Under contract to the Department of Commerce (DOC) Office of the Inspector General (OIG), BreakPoint Labs emulated real-world attack scenarios to provide examples of what a knowledgeable and motivated threat actor could achieve when targeting specific Department systems. During that time, BreakPoint Labs’ Red Team Operators attempted to gain unauthorized access to the targeted IT systems, establish threat persistence within the network, and demonstrate an ability to access mission-critical data while evading cybersecurity monitoring systems. Despite the unique but critical mission of the DOC, BreakPoint Labs successfully developed, applied, and pivoted attack methods to gain unauthorized access to the targeted environment, elevate its permissions, and establish persistence as a network threat.


DCO Capability Development for the DoD High Performance Computing Modernization Program

Under contract to the DoD HPCMP, BreakPoint Labs designs, develops, and deploys a wide range of cybersecurity capabilities to protect and defend the Defense Research and Engineering Network (DREN) and Secret DREN (SDREN) – the DoD’s recognized segment of the DODIN supporting the research, development, test, and evaluation (RDT&E) community. Through well-formed development-security-operations (DevSecOps) software engineering practices, BreakPoint Labs operates infrastructure as code (IaC) to rapidly deploy software in a repeatable, reliable manner. From a nationwide network of advanced monitoring sensors and security incident and event management (SIEM) systems to automating and streamlining security operations center (SOC) and cybersecurity reporting, BreakPoint Labs Software Developers embrace a DevSecOps culture with modern software practices aligned with DoD CIO standards.

DoD High Performance Computing Modernization Program (HPCMP) Cybersecurity Service Provider (CSSP) Services

BreakPoint Labs has supported the DoD HPCMP CSSP since its inception through the delivery of cybersecurity activities in accordance with DoD Instruction 8530.01 and the NIST Cybersecurity Framework (CSF). Consisting of cybersecurity activities to protect, detect, respond, and recover, BreakPoint Labs Cybersecurity Analysts implement and operate prominent DoD cybersecurity tools, such as ACAS, ESS, ACEM, C2C, and many more. BreakPoint Labs Cybersecurity Analysts support SOC operations to identify, categorize and report anomalous or malicious activity, and implement countermeasures to rapidly contain activity and reduce cyber risk. BreakPoint Labs has supported the authorization of the DoD HPCMP as a certified CSSP, completing the DoD Evaluators Scoring Metrics (ESM) and demonstrating performance levels far exceeding the minimum requirements.

Department of Interior (DOI) Office of the Chief Information Officer (OCIO) Advanced Security Operations Center (ASOC) Services

BreakPoint Labs delivers security operations and cyber intelligence services to the DOI OCIO Cyber Security Division (CSD), which includes technical services in the areas of continuous monitoring operations, security analysis, security engineering, threat hunting, countermeasure development, malware analysis, insider threat, and intelligence trending analysis and reporting. As a subcontractor, BreakPoint Labs provides subject matter expertise to operate and maintain a wide variety of commercial cybersecurity technologies, including vulnerability management systems, SIEM technologies, IDS/IPS, DLP, and endpoint security tools, as well as open source network security monitoring capabilities, such as Zeek. Additionally, BreakPoint Labs helps create and maintain information security program documentation for DOI, such as a concept of operations (CONOPS), standard operating procedures (SOPs), and an incident response plan.


Office of the Undersecretary of Defense for Research and Engineering (OUSD(R&E)) Cyber Sensing for Operational Technology (OT)

Working under a Direct to Phase 2 Small Business Innovative Research (SBIR) contract, BreakPoint Labs conducted applied research and development (R&D) to help address shortcomings in analyzing cybersecurity data sources that are part of operational technology (OT) environments and our nation's critical infrastructure. BreakPoint Labs' developers transformed traditional IT sensing capabilities to reliably collect, enrich, and analyze data for complex OT environments — adapting to the varying protocols and unique networking and computational environments. Through the development and implementation of a data-driven OT processing pipeline including OT-specific threat data, BreakPoint Labs extended the visibility and resiliency of OT within critical infrastructure environments — ultimately improving our nation's critical infrastructure cybersecurity.

U.S. Army Engineer Research and Development Center (ERDC) Cybersecurity for Additive Manufacturing (AM) Environments

Under a Phase 3 Small Business Innovative Research (SBIR) contract to the U.S. Army Engineer Research and Development Center (ERDC), BreakPoint Labs deployed fully-featured cybersecurity monitoring sensors to collect data and provide advanced analytics for additive manufacturing (AM) environments, along with their IT-adjacent infrastructure. Tailored to collect high-value data, specifically within AM workflows, BreakPoint Labs conducted fine-grained analysis of trusted design files that maximized the visibility and integrity of manufactured objects. The added visibility provides data-driven performance indicators that allow AM operators to identify system security gaps and gain confidence that manufactured objects meet the intended design specifications — ultimately supporting mission success.

Joint Artificial Intelligence Center (JAIC) Test and Evaluation of Artificial Intelligence (AI)

Under a Blanket Purchase Agreement (BPA) with the Department of Defense (DoD) Joint Artificial Intelligence Center (JAIC), BreakPoint Labs provides innovative solutions that enable the DoD to rapidly test and validate AI capabilities used throughout military operations and critical missions. Available to any DoD and Federal government client, BreakPoint Labs has provided data prepping, testing, planning, documentation, reporting, and use-case identification services for the spectrum of emerging AI technology like machine learning (ML), deep learning (DL), and neural networks (NN). Throughout the engagement, BreakPoint Labs has identified countless AI use cases within DoD production environments, rapidly piloted new solutions, and scaled the impact of AI across the DoD enterprise.

Supports the Defense Advanced Research Projects Agency (DARPA) Cyber Hunting At Scale (CHASE) Program

The Defense Advanced Research Projects Agency's (DARPA) Cyber-Hunting At Scale (CHASE) program is a collection of data-driven cyber-hunting tools for real-time cyber threat detection, characterization, and protection across dozens of enterprise networks. In support of this program, BreakPoint Labs provides cyber research that enables reliable and secure transmission of various cybersecurity data sets within the CHASE computational environment, along with machine-readable data schemas and definitions. BreakPoint Labs' cyber research experts have provided analytical services to independently verify and validate the data-driven cyber hunting capabilities developed under the DARPA CHASE program. BreakPoint Labs has worked closely with over a dozen performers throughout the engagement to collect the correct contextual data, characterize novel attack vectors, and disseminate protective measures across the DoD Information Network (DODIN).


Assesment Consultation