Accelerated CDM Program Approval Allows Government Agencies to Purchase Leading Continuous Security Validation Solutions

SANTA CLARA, CA, April 9, 2020 — AttackIQ, the leading independent vendor in the breach and attack simulation market, in conjunction with their GSA Schedule partner, RockITek, today announced their platform has been added to the Approved Products List (APL) to deliver relevant cybersecurity capabilities in support of the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) program. AttackIQ assures federal agencies are in the best position possible to defend against actual security threats by continuously testing security controls, processes and people with their automated validation platform.

The DHS Cybersecurity and Infrastructure Security Agency’s CDM program is leading the effort to reduce cyber risk and provide visibility across the federal government. The CDM program is delivering automated tools to federal agencies to strengthen their ability to identify and mitigate cybersecurity risks on an ongoing basis, prioritize these risks based on potential impacts, and quickly enable cybersecurity personnel to focus on the most significant problems first. The program provides cybersecurity tools, integration services, and dashboards to participating agencies to support them in improving their respective security posture.

“Through the CDM Program, federal agencies are receiving the necessary tools to strengthen their ability to monitor and manage cyber threats. AttackIQ provides a unique capability to continuously validate that the deployed tools are effectively stopping the attacks they were intended to,” said John Sobczak, RockITek’s CEO. “We are very excited about making the AttackIQ platform available on the CDM Program.”

AttackIQ provides federal agencies with an understanding of their cyber-readiness through identification of their vulnerabilities in response to common attack vectors. With AttackIQ’s immediate, real-time insight into an existing enterprise’s security posture, coupled with their automation of the MITRE ATT&CK framework, security executives are enabled to think systematically about the environment in which they must stand up and operate their security programs.

“We are excited to be added to the CDM program’s APL. This is a monumental step in enabling our federal government with the valuable insights our platform can provide. On day one, federal agencies will have immediate, accurate, comprehensive insight into the effectiveness of their security programs,” said Stacey Meyer, AttackIQ’s VP of Federal Operations. “They will be able to identify blind spots, redundant systems and tools, as well as vulnerabilities that need to be remediated. It is more important now than ever that government organizations execute a threat informed defense-based strategy. Our platform provides the means to actualize threat informed defense by automating the measurement of an organizations cyber readiness.”

AttackIQ provides enterprises of all sizes the ability to automate the assessment of their cyber-readiness providing valuable insight into the effectiveness of their security controls. Yielding the federal government with the ability to make tactical and strategic decisions to proactively position themselves for success against the adversary. By providing knowledge of the highest probability risk exposures and gaps in their cyber defenses, AttackIQ empowers the federal government to make the best decisions to minimize the cyber risks to their agency and our nation’s security.

About AttackIQ

AttackIQ, a leader in the emerging market of breach and attack simulation, built the industry’s first platform that enables red and blue teams to test and measure the effectiveness of their security controls and staff. With an open platform, AttackIQ supports the MITRE ATT&CK framework, a curated knowledge base and model for cyber adversary behavior used for planning security improvements and verifying defenses work as expected. AttackIQ’s platform is trusted by leading companies around the world. For more information visit Follow AttackIQ on TwitterFacebookLinkedInVimeo, and YouTube.

About RockITek

Since 2017, RockITek is a distributor specializing in building and managing purpose-built consortiums that accelerate the adoption of emerging technology into government space. We collaborate with organizations to create alignment and work together to create mutual success. Our existing consortiums—Data Protection, Authentication & Access, and Security Validation—create success for our partners such as approval to DHS’ CDM APL and GSA Schedule in 30 days or less, increase the average deal size by 150%, and helping our partners see 200% growth. For more information on RockITek, visit us at