From the Foxhole to the Cloud

GSA SCHEDULE 70: Highly Adaptive Cybersecurity Services (HACS)



Foxhole Technology provides near real-time and historical network event analysis, based on advanced, analytical techniques we have developed over a five year span providing high level SIEM services for commands across the globe. Our advances help mitigate the challenges associated with data aggregation – such as implementing a common event format (CEF) to normalize data, while significantly increasing ingest rates into the SIEM. Our Correlated Risk Visualization (CRV) reduces false positives – enabling watch floor analysts to focus on, and react to, the most relevant threats and vulnerabilities. Our advancements, along with the continuing formulation of new solutions, also address other inherent, upcoming challenges – including Data Transport/Data Tagging and Data Correlation/False Positive Analysis. We have a proven track record of maintaining current operational requirements, while executing on the organization's "to-be" vision for a robust SIEM program that must continue to scale and evolve well into the future.

Photo by aetb/iStock / Getty Images


Foxhole Technology provides 24/7/365 security operations capabilities for incident response and enterprise monitoring. Our teams provide command and control, while leveraging play-books to isolate and mitigate threats to enterprise networks and mission systems. Our security engineers support global deployments of Computer Network Defense (CND) software – including one of the largest ArcSight deployments in the world. But, the strategic and tactical roles of global, regional and local SOCs, and the design of security operations at all levels, cannot be done by selecting technology in isolation. Our designs use security and information technology to address current and expected future security risks; while also taking into account the business/mission culture of the organization. Our team of experts bring deep expertise in an array of security tools to ensure an agnostic, tailored approach that meets all requirements and regulations.

Learn More →


Foxhole Technology has a proven history in the applying the National Institute of Standards and Technology (NIST) four-phased A&A process to ensure government agencies that their information systems are complian with mandated federal controls:
1. Initiation and Planning
2. Certification
3. Accreditation
4. Continuous Monitoring

Photo by ra2studio/iStock / Getty Images
Photo by NorthernStock/iStock / Getty Images

Software engineering

Foxhole Technology software engineers address security, software assurance and survivability throughout the development and acquisition lifecycles by creating methods, solutions, and training that can be integrated into existing practices. Our cybersecurity engineering teams help organizations focus on security in the early stages –  resulting in major reductions in operational vulnerabilities, as well as reductions in software patching. Our modeling and analysis research helps our clients analyze complexity and integration issues throughout the development lifecycle – ensuring development is proceeding as planned, and security decisions remain linked, and aligned, to mission-critical needs.


Foxhole Technology systems engineering methodologies provide disciplined processes to develop and deliver technology throughout the system lifecycle. As a focus to further enable cybersecurity, we work hand in hand with the customer on everything from training in the proper use of the technology to the development of policies that affect users, the use of systems and the equities of the customer that need confidentiality – providing full cradle to grave capabilities and implementations that securely traverse the entire enterprise, as well as across the world.

Test and evaluation

Foxhole Technology integrates cybersecurity assessments into all aspects of test and evaluation – including planning for and ensuring that vulnerability assessments, vulnerability evaluations and intrusion assessment, cybersecurity inspections, and adversarial test operations are performed to provide a systemic view of enclave and information system cybersecurity posture. Incorporating cybersecurity planning, imple-mentation, testing and evaluation early in the acquisition process, and reflecting these in the our Test and Evaluation Master Plan (TEMP), we further ensure cybersecurity T&E is conducted throughout the lifecycle; integrated with interoperability and other functional testing; and that our cybersecurity experts participate in planning, execution and reporting of integrated T&E activities.