10 hot companies to watch

Small firms tap into persistent concerns about security and other federal priorities

This year, Federal Computer Week's list of the top 10 companies to watch demonstrates the persistence of security as a concern in the federal information technology community.

Interviews with dozens of government IT executives show that the desire for more sophisticated security measures is a key driver in purchasing decisions. The types

of security products in demand have greatly broadened since the days when virus scanning and firewalls were everyone's idea of protection. Today, buyer interest covers everything from improving traditional surveillance methods to securing smart cards.

Federal agencies, naturally, have needs beyond security. The list reflects the need to manage workforces, integrate disparate systems, harness computing clusters and improve the flow of information to a variety of constituencies.

The list underscores one more thing about federal IT: Timing is everything when it comes to product development.

Product timing has worked well for Citadel Security Software Inc. Citadel addresses what company executives call a critical gap in the network security space: how to deal with the ever-increasing volume of vulnerabilities.

Scanning software is able to identify areas where networks are vulnerable, but such products don't provide the means for resolving those vulnerabilities, according to Jack Doxey, Citadel's vice president of marketing. This is where the company's Hercules automated vulnerability remediation software comes in. Hercules "picks up where scanners leave off," Doxey said.

Hercules imports and aggregates data from vulnerability assessment scanners and automates the process of dispatching remedies. The software lets organizations set remediation polices for a specific device or device group. Hercules addresses five vulnerability classes: unsecured accounts, backdoors, unnecessary services, misconfigurations and software defects.

Hercules entered the market in 2002. The product's arrival appears well timed from a federal standpoint. Steve Solomon, Citadel's chief executive officer, noted that the Office of Management and Budget in recent weeks has been asking agencies about vulnerability remediation. And then there's the Federal Information Security Management Act, which calls for agencies to assess vulnerabilities and implement procedures for reducing risk in a cost-effective manner.

Citadel, not surprisingly, has emphasized the federal market this year. Indeed, Citadel cited government business as a factor in the company's second-quarter results. Revenue was up 70 percent at the end of June compared to the same period last year.

The company's customers include the Air Force, Food and Drug Administration, and Navy. The product also is available via the Department of Veterans Affairs' Procurement of Computer Hardware and Software contract.

Meanwhile, Citadel is pushing its software to higher levels of security. The company has registered Hercules to undergo Common Criteria evaluation and certification, an important security standard, especially in the Defense Department. Solomon said Citadel is the only software company in its category to do so.

Royal Philips Electronics has another timely market entry. The company has brought its much-anticipated Mifare DESFire contactless smart card chip to the market. Contactless cards, increasingly popular as facility access cards, use radio frequency ID chips that are waved in front of a reader rather than inserted into readers. This reduces the wear and tear that would otherwise limit a card's life.

The Triple Data Encryption Standard version of Mifare, however, brings additional security to smart cards. This is of interest to federal agencies seeking to add contactless capabilities to cards that have been primarily used for access to computer networks.

Some technology providers retrofit products for the federal market, but Fortress Technologies and WiebeTech LLC have launched products with federal requirements in mind, which means they can get their products into the hands of customers faster.

Fortress, which specializes in wireless security, has pursued federal business from the company's inception. Its customer list includes the Air Force, Army and VA. More than 80 percent of the company's revenue comes from public-sector accounts.

In the public sector, Fortress has been on top of government security standards. In 2002, the company's AirFortress became the first 802.11 wireless security solution with Federal Information Processing Standard 140-1 certification. More recently, the company provided input into the FIPS 140-2 standard, which was adopted this year, said Janet Kumpu, Fortress' chief operating officer.

"We have taken the approach of architecting for FIPS upfront," Kumpu said. That design principle lets Fortress release products on a timely basis, she added.

She believes the universe of federal wireless applications is expanding. The Army, for example, is using Fortress to secure a portable wireless network for battlefield communication. She thinks this type of solution could also apply to an emergency response system for first responders.

Now, the company is looking to expand in the commercial sector, which, contrary to the typical pattern, is moving slower than the government market in technology adoption.

"Wireless is so new," Kumpu said. "They are taking longer in evaluation."

The task of convincing reluctant prospects has not been an issue for WiebeTech, which makes a computer-docking product that permits fast access to hard drives. In fact, customers convinced the Wichita, Kan.-based firm to build a product geared toward government work, and some clients asked for a forensic version tailored for law enforcement officials who need to collect evidence from suspects' computer hard drives.

WiebeTech listened to its customers. The result is a forensic product line that debuted in late 2002. Soon after the launch, the FBI came calling, said company founder James Wiebe. The Royal Canadian Mounted Police also purchased the product.

Wiebe said federal agencies are a natural fit for the company's forensic product line, which features models with varying levels of encryption. Government customers typically gravitate toward the high-end version, he said.

"With the emphasis on homeland security in particular, you can really see the drive to collect and process [digital] evidence," Wiebe said. "It's a good market."

WiebeTech now is working to broaden its base in the federal market. The company is marketing to "all the normal three-letter agencies" and the military, he said. The company also is broadening its product set and developing an encrypted hard-drive product.

Meanwhile, WiebeTech officials continue listening to their customers. Users of the forensic product, for example, want versions that support USB 2.0 and Serial Advanced Technology Attachment interfaces. Wiebe said his company is working to incorporate those enhancements.

"The very best source of product innovation does come from the customer," he said.

Tripwire Inc., a developer of integrity management solutions, counts the House of Representatives among its customers.

The company's products detect unauthorized changes — both accidental and malicious — to servers and network devices. Solutions of this kind are designed to boost the safety and predictability of critical IT infrastructure components.

The company's Tripwire for Servers 3.0 and Tripwire Manager 3.0 have received Common Criteria Evaluation Assurance Level 1 certification.

About 15 percent of Tripwire's business comes from the government sector, according to CEO W. Wyatt Starnes. He plans to boost that figure to 20 percent to 25 percent of the company's revenue. The strategy over the next 18 months is to complement the company's traditional direct business with relationships with systems integrators, he added.

He said he sees two primary drivers among federal customers: security and operational efficiency. "Clearly, the government is increasingly concerned about security and making sure the data running critical systems is known and protected." In addition, organizations are being asked to "deliver more IT capacity in a more predictable, cost-effective way," he said.

Also of interest to government agencies is Tripwire's File Signature Database, a repository of metadata that lets customers authenticate the integrity of files. The company's partners on the initiative include Hewlett-Packard Co., IBM Corp., InstallShield Software Corp., RSA Security and Sun Microsystems Inc. Tripwire plans to make the database available to government and law enforcement agencies to assist in cybercrime investigations.

Although many security products are geared toward protecting digital assets, ObjectVideo Inc. employs computer vision technology to improve old-fashioned physical security.

ObjectVideo makes video surveillance software. The company's Video Early Warning (VEW) product lets a computer and a camera "see" for a security organization. The product became available this year. A contract with the Homeland Security Department's Bureau of Customs and Border Protection is the company's largest federal deal thus far. The bureau is deploying VEW to monitor points of entry along the U.S./Canadian border.

Clara Conti, CEO of ObjectVideo, said the project has led to more opportunities. "Many doors have opened on the military side and on the commercial side just because of the kind of work we are doing" at the customs bureau, she said.

For example, ObjectVideo is working with the Office of Naval Research to integrate VEW with a 360-degree camera mounted on the mast of a ship, Conti said. The idea is to enhance perimeter security to avoid incidents such as the bombing of USS Cole in Yemen.

VEW is not intended to replace security personnel, said Edward Troha, director of marketing programs at ObjectVideo. Instead, the product lets security professionals more effectively use conventional surveillance technology. With motion-detection systems, for example, ripples on water or animal movements might trigger an alarm, Troha said.

With VEW, organizations use a wizard-like interface to define rules for a field of view. A rule — which Troha described as a "virtual tripwire" — could target vehicles entering a given area of interest, for example. The resulting alarm alerts a security professional who can then further assess the intrusion and take action.

Although security remains a hot topic, the same holds true for Web portal technology. Agencies have eagerly launched portals to improve the flow of information to employees and citizens, and few companies have been hotter in that space than Appian Corp.

The 4-year-old company is behind a number of key government portals. Appian's first major success was with Army Knowledge Online, which the company says is the world's largest Web portal. The Army portal could soon become a springboard for other projects.

"There's not a better marketing or sales person than the Army," said Matt Calkins, Appian's president and CEO. He said the Army deal has led to a number of other sizable projects, including the Navy's Knowledge Management Portal and the Federal Emergency Management Agency's portal for first responders (www.disasterhelp.gov).

Customer word of mouth has sustained Appian thus far and allowed it to remain lean in terms of marketing and sales investment. The company has built itself on its own revenue rather than relying on venture capital, Calkins said.

Appian offers its own portal and personalization software and the ability to customize the software to meet customers' requirements. On seven-figure portal deals, "we have always had to customize our solution to meet very demanding clients' needs," Calkins said.

The portal environment is frequently complicated. But the government's objective boils down to getting the right information to the right people as quickly as possible. "We're looking to unlock the value trapped in all the information they have," Calkins said.

Avue Technologies Corp. helps agencies unlock human potential. The company's Web-based human resources management service has struck a chord with federal agencies increasingly concerned about such issues. Avue specializes in public-sector workforce management.

The appointment of chief human capital officers at Cabinet-level agencies has elevated workforce issues in government. Linda Rix, Avue's co-CEO, said human resources has catapulted from an administrative function to a boardroom consideration. Assistant secretaries, chief information officers and chief financial officers are among those paying attention.

Agencies have a number of tasks to juggle. They must manage workforce performance, track employee skills, improve workforce deployment and develop a replenishment strategy to prepare for retirements, Rix said. Avue's hosted service automates a number of human resource functions, including strategic planning, recruitment and hiring, performance appraisal, compensation, and position definition.

Federal agencies subscribe to Avue's service and pay a fee based on the size of the organization. Contracts typically run for five years, with a one-year base and four one-year options.

The concept has caught on. "In round numbers, we're basically doubling [revenue] every year," said Jim Miller, Avue's co-CEO. He said the subscription model frees customers from such typical software concerns as per-seat pricing and maintenance fees.

Avue customers — which include the U.S. Agency for International Development and the Forest Service — are often large, distributed organizations with numerous field offices, Rix said. Because every agency employee is a potential user, human resource services must be deployed to every desktop, and Rix believes the company's hosted-software approach is the best way to get that done. Avue now has "an eye on expanding the model into other business functions outside of HR," she added.

Applications — hosted or otherwise — depend on the underlying technical infrastructure. This is where Platform Computing Inc. and Tibco Software Inc. make their contributions.

Platform Computing provides software that helps harness the power of grid- and cluster-based computing.

The grid approach aims to coordinate resource sharing in large-scale computing environments so users in one organization can tap into applications in another. Clusters use servers linked via software to provide a cheaper alternative to supercomputers.

The company's Platform LSF has emerged as a key job scheduling tool for managing computing clusters. In recent months, the Energy Department's Pacific Northwest National Laboratory and Los Alamos National Laboratory selected Platform LSF to help run their clusters.

Rene Copeland, vice president of government sales at Platform Computing, noted that DOD customers involved in high-performance computing also use Platform LSF. He said such customers need a scheduling program to manage their projects.

Beyond Platform LSF, the company provides software for the building and management of grid computing. It was the first to offer commercial support for Globus Toolkit, an open-source tool for building grid-based applications.

In addition to DOD's and DOE's high-performance computing operations, NASA has also tapped Platform Computing's capabilities. The company's focus on the federal market increased last year when the Canadian company launched a subsidiary to manage U.S. federal business.

Tibco is no less dedicated to the federal market. The enterprise integration software vendor pursues government-specific solutions in such areas as homeland security, command and control, supply chain integration and modernization.

Tibco's flagship ActiveEnterprise product monitors business operations, handles enterprise messaging and provides a platform for enterprise application integration. That function lets applications, databases and legacy systems communicate, which allows organizations to select such integration approaches as Extensible Markup Language, Web services or Tibco's messaging software.

For example, Aerospace Corp., which supports the Air Force Space Command's Space and Missile Systems Center, needed to distribute telemetry data to applications including expert systems and custom analysis tools, according to Tibco. Aerospace deployed ActiveEnterprise to achieve the level of communication the center had been seeking.

Earlier this year, Tibco teamed with data distribution vendor GemStone Systems to create the Enterprise Services Solution. That enterprise integration platform aims to facilitate information sharing within or between agencies. It could be another example of bringing the right technology tools to market at the right time. l

Moore is a freelance writer based in Syracuse, N.Y.

NEXT STORY: L.A. site keeps tabs on convention

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.