DHS Science and Technology Directorate Awards Contract to Red Hat and Kryptowire to Advance Mobile Application Lifecycle Security


Red Hat, Inc. (NYSE: RHT), the world's leading provider of open-source solutions, and Kryptowire, leading provider of a military-grade mobile application security testing platform used by top-security Federal agencies, today announced that the companies have been awarded a contract from the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to advance mobile application lifecycle security.


We are excited to collaborate with Kryptowire to help the U.S. government provide automated enforcement of government security standards in mobile apps.

Paul Smith

senior vice president and general manager, Public Sector, Red Hat

The grant for the project—titled “Assured Mobile Application Lifecycle using Red Hat Enterprise”—was announced in a DHS S&T press release.

In May, DHS S&T announced the findings of its “Study on Mobile Device Security”, conducted in coordination with the National Institute of Standards and Technology and its National Cybersecurity Center of Excellence. According to that announcement, “[t]he study found that the threats to the Federal government’s use of mobile devices—smartphones and tablet computers running mobile operating systems—exist across all elements of the mobile ecosystem. These threats require a security approach that differs substantially from the protections developed for desktop workstations largely because mobile devices are exposed to a distinct set of threats, frequently operate outside of enterprise protections and have evolved independently of desktop architectures.”

Through the DHS S&T Mobile Application Security project, Red Hat and Kryptowire will help to address this mobile security gap by developing a framework for automation of security and privacy compliance in the mobile application lifecycle. To do so, the companies plan to collaborate on the following development initiatives:

  • A Red Hat Mobile Application Platform extension that will use Kryptowire’s mobile application testing capabilities to automatically enforce checks throughout the mobile application development process to enable code and third-party library compliance with U.S. mobile security standards.
  • Security updates and notifications to address new security or privacy vulnerabilities that affect an application while it is already deployed, enabling end-users to more quickly address new threats. Updates can be enforced in several ways, including user notifications and denial of back-end services. Red Hat and Kryptowire propose augmenting the support for security notifications and updates by including additional re-usable services in Red Hat Mobile Application Platform.
  • Optimization of Kryptowire's mobile application certification platform for Red Hat Mobile Application Platform’s processes, with a goal of creating a commercial solution that will improve end-to-end mobile security solutions throughout DHS and other U.S. government agencies.

Supporting Quotes
Paul Smith, senior vice president and general manager, Public Sector, Red Hat
“Mobile devices—including smartphones and tablets—are used across government agencies, but these devices and the mobile apps that run on them require a unique approach to security. This DHS S&T Mobile Application Security project aims to help address this security gap with an approach to mobile app security that can serve as a best practice across U.S. government agencies. We are excited to collaborate with Kryptowire to help the U.S. government provide automated enforcement of government security standards in mobile apps and, through this automated approach, help minimize human error during application releases.”

Angelos Stavrou, CEO, Kryptowire LLC
“Kryptowire's mobile app software assurance technology can now be used during every stage of the software development lifecycle. Enterprises will be able to analyze the mobile apps they develop in-house, to ensure they meet the same internationally recognized security requirements used for classified and national security systems.”

Additional Resources

Connect with Red Hat

  • About Red Hat
  • Red Hat is the world's leading provider of open-source software solutions, using a community-powered approach to provide reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As a connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at http://www.redhat.com.

    About Kryptowire Kryptowire automatically tests and validates the security of mobile and IoT firmware and applications to the highest government and industry software assurance standards. Kryptowire was jumpstarted by the Defense Advanced Research Projects Agency (DARPA) and the Department of Homeland Security (DHS) in 2011, is based in Fairfax, Virginia, USA and has a customer base ranging from government agencies to national cable TV companies. For more information and to schedule a demo, visit www.kryptowire.com.

  • Forward-Looking Statements
  • Red Hat’s Forward-Looking Statements Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to the ability of the Company to compete effectively; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; delays or reductions in information technology spending; the integration of acquisitions and the ability to market successfully acquired technologies and products; fluctuations in exchange rates; the effects of industry consolidation; uncertainty and adverse results in litigation and related settlements; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; risks related to data and information security vulnerabilities; changes in and a dependence on key personnel; the ability to meet financial and operational challenges encountered in our international operations; and ineffective management of, and control over, the Company's growth and international operations, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission's website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of this press release.


    Red Hat is a trademark or registered trademark of Red Hat, Inc. or its subsidiaries in the U.S. and other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.