Press Release

Denim Group Awarded AFWERX SBIR Phase II Contract to Further Accelerate Distributed Software Delivery to Air Force Operators

October 6, 2020

On June 1, 2021, Denim Group was acquired by world leading cybersecurity advisor, Coalfire.

Together, the combined teams represent one of the biggest and most recognized industry-leading cloud and application security solution providers in the market.

October 6, 2020 - SAN ANTONIO–(BUSINESS WIRE)–Denim Group, the leading independent application security firm, today announced AFWERX awarded them a Phase II Small Business Innovative Research (SBIR) contract to accelerate the Air Force’s approval to operate process (ATO) and provide operators mission critical software more quickly. Through issuing the Phase II contract — following a Phase 1 contract issued in January — the Air Force has identified ThreadFix as having sustained potential to advance the software development lifecycle and support the continuous accreditation processes needed to achieve mission readiness.

“The award of a Phase II contract by the Department of Defense and the Air Force demonstrates how important software assurance and operational approvals are to our defense mission”

“The award of a Phase II contract by the Department of Defense and the Air Force demonstrates how important software assurance and operational approvals are to our defense mission,” said Denim Group Principal and former Air Force cyber officer John Dickson. “Through the use and implementation of ThreadFix within their DevSecOps pipelines, we are able to assist with the building and deployment of better software more rapidly, to quickly achieve Authority To Operate and get new capabilities in warfighters’ hands.”

Applications of commercial technologies, such as ThreadFix, are critical to achieving defense mission priorities. Defense and intelligence organizations have used ThreadFix for almost 4 years to automate capability development. It is also used to support the creation and updating of applications, having been implemented into the Risk Management Framework (RMF) and Assessment and Authorization (A&A) processes. ThreadFix operates as part of the DevSecOps pipeline assuring a reduction in time from development to deployment of critical software, reducing delays within the accreditation process by up to 24 months.

In order to better support Air Force software factories and programs that perform DevSecOps functions for operators, capabilities have been added to ThreadFix over the course of both SBIR Phase I and II contracts. Denim Group has worked with various innovative Air Force programs to drive continuous software delivery, feedback and learning. The need for agility and responsiveness within environments that have traditionally struggled to keep pace with modern development approaches will only continue to increase, and Denim Group is committed to support this evolution.

For additional information about SBIR please see the Airmen Guide to SBIR here.

About Coalfire
The world’s leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As the largest firm dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.


For media inquiries:

Mike Gallo
(212) 239-8594