The digital defense contract may be the biggest of its kind this year.
The United States Air Force has awarded an $18.8 million contract for digital defense software to Endgame, the cybersecurity firm told Fortune.
Multiple analysts with whom Fortune spoke described the deal as potentially the largest of the year within the “endpoint detection and response” market, a segment of the $74 billion cybersecurity industry that involves finding and remediating security breaches on people’s computers. This niche portion of the fast-growing enterprise security market had a run rate of nearly $500 million in 2016, according to estimates by research firm Gartner.
In an era increasingly marked by cyber warfare, the Air Force’s purchase reflects the U.S. military’s ongoing efforts to equip its forces with the latest technology to defend against a host of adversaries staging computer-based attacks.
The Air Force began testing Endgame’s product after announcing a $1.5 million pilot program at the end of last year. That preliminary deal came on the heels of a report released by the Air Force’s Scientific Advisory Board, an independent federal committee of technical experts appointed by the Secretary of Defense, which warned of vulnerabilities in military infrastructure.
Now, the Air Force intends to extend its Endgame deployment across many thousands of internal computers, manned by so-called cyber protection teams. The military branch has already been using the company’s tools in internal “red flag” exercises, training games that pit offensive hackers against guards.
“The government is often seen as a laggard in technology, and often that is correct,” said Nate Fick, CEO of Endgame and a former Marine captain who served in Iraq and Afghanistan. “But in the case of cybersecurity, parts of the Department of Defense and military are the leading edge of adopters in the world.”
Since its inception in 2008, Endgame, or “the Blackwater of hacking,” as Forbes dubbed the firm in a 2014 feature, has had close ties to the nation’s defense and intelligence communities. The company began as a shop for creating and selling so-called zero-day vulnerabilities, or previously unknown coding flaws that attackers use to hack machines.
At the end of 2012, Fick took over as CEO, and began the process of pivoting Endgame into an enterprise software company, selling defensive tools instead of computer exploits. The firm today caters to security pros interested in “hunting,” actively seeking out and evicting adversaries from IT systems.
Out of some 30 vendors in the endpoint detection and response market, Endgame is a relative newcomer. Popular rivals include Carbon Black, CrowdStrike, Cylance, and FireEye FEYE 1.82% , as well as incumbents such as Symantec SYMC 1.16% and McAfee, which Intel’s INTC 0.49% security group partially spun out this year.
Peter Firstbrook, a vice president at the research firm Gartner who covers the IT security industry, told Fortune that he was “not aware of any bigger deals” than the one slated with the Air Force. Having said that, he added, most organizations tend to be secretive about the details of their security deals, which are often booked as three-year contracts.
Jon Oltsik, founder of the cybersecurity arm of the research firm Enterprise Strategy Group, agreed. “I haven’t heard of anything bigger,” he told Fortune.
An Air Force spokesperson declined to comment on the procurement decision.