The VA awards security contract to partnering firms
Merlin and Watchfire will build and maintain a Web application security system designed to reduce security breach risks at the VA.
The Department of Veterans Affairs has awarded information technology solutions provider Merlin International and Watchfire, a provider of Web application vulnerability software, a multimillion-dollar award to build and maintain a Web application security system that will reduce security breach risks at the VA.
Precise terms of the contract were not released.
Merlin and Watchfire will deploy Watchfire AppScan Enterprise to provide the VA with centralized security scanning and user-access controls, remediation capabilities, executive dashboards and compliance reporting, according to an announcement.
The agency, which has had several security breaches in the past several months, will be able to monitor and report in real time on the security compliance of specific Web applications. In addition, Merlin will perform the training and maintenance associated with the implementation, the announcement states.
As part of the newly announced partnership, Merlin said it will extend its security and compliance consulting services using Watchfire’s AppScan solutions. Merlin has added AppScan to its General Services Administration Federal Supply Service schedule.
“Merlin is committed to working with the [VA] to ensure they have the safest, most reliable infrastructure possible,” John Trauth, executive vice president of government systems at Merlin, said in the statement.
The combination of security systems integration expertise and Watchfire’s Web application vulnerability management technology will enable the VA to maintain a secure online environment for its employees and the millions of veterans who rely on the agency’s services, he added.
“Government Web sites have grown in size and complexity, and security and compliance issues can be spread across millions of Web pages,” said Peter McKay, president and chief executive officer of Watchfire, in the statement. “To effectively address these issues, agencies must continually monitor, measure, audit and report on these potential risks and levels of compliance.”