HP Awarded $32.4 Million Cybersecurity Contract by U.S. Department of Homeland Security

PALO ALTO, Calif. — HP today announced the U.S. Department of Homeland Security (DHS) has awarded the company a cybersecurity contract worth up to $32.4 million—the largest acquisition of software security assurance tools worldwide—under the DHS Continuous Diagnostics and Mitigation (CDM) government-wide Blanket Purchase Agreement (BPA).

HP captured the largest portion of the first task order awarded under the DHS CDM program to provide software security product licenses for 33 U.S. federal civilian government agencies.

The original $6 billion CDM BPA, awarded in August 2013, includes 17 vendors. Developed in response to the expanding landscape of cyberthreats, the DHS CDM program was established to enable government agencies to cost-effectively identify and mitigate network, system and software vulnerabilities. The five-year, multivendor program is designed to help the government address the rising volume and complexity of cyberthreats.

“In today’s technology-based society, there is nothing more important than protecting our nation’s cyberspace so citizens will have continuous and secure access to services,” said Al Kinney, vice president, Cybersecurity Solutions Group, U.S. Public Sector, HP Enterprise Services. “As one of the first companies to begin work under the CDM program, HP is well positioned to help agencies enhance their security arsenal by performing analysis, reporting and threat mitigation on their core software assets.”

With cybercriminals working harder and smarter to gain access to sensitive data, organizations must stay ahead of evolving threats and take proactive steps to facilitate the security of mission-critical applications. Under this award, HP will provide licenses for two industry-leading enterprise security solutions that will be used to address the application security requirements with the CDM program, including:

HP WebInspect, an automated web application security and penetration testing tool, mimics real-world hacking attacks and will enable agencies to thoroughly analyze their complex web applications and services for security vulnerabilities.
HP Fortify Static Code Analyzer (SCA) scans source code to identify the causes of software security vulnerabilities, then correlates and prioritizes results, giving agencies guidance to close security gaps at the code level.

More information about HP Enterprise Services’ government business is available at www.hp.com/enterprise/government. Additional information about HP Enterprise Security Products is available at www.hpenterprisesecurity.com.

HP’s premier annual government client event, HP Software Government Summit, takes place April 2 in Washington, D.C.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance, market share or competitive performance relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the need to address the many challenges facing HP’s businesses; the competitive pressures faced by HP’s businesses; risks associated with executing HP’s strategy and plans for future operations; the impact of macroeconomic and geopolitical trends and events; the need to manage third-party suppliers and the distribution of HP’s products and services effectively; the protection of HP’s intellectual property assets, including intellectual property licensed from third parties; risks associated with HP’s international operations; the development and transition of new products and services and the enhancement of existing products and services to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its suppliers, customers, clients and partners; the hiring and retention of key employees; integration and other risks associated with business combination and investment transactions; the execution, timing and results of restructuring plans, including estimates and assumptions related to the cost and the anticipated benefits of implementing those plans; the resolution of pending investigations, claims and disputes; and other risks that are described in HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2013, and that are otherwise described or updated from time to time in HP’s Securities and Exchange Commission reports. HP assumes no obligation and does not intend to update these forward-looking statements.

© 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.