Forescout announced that it secured a new contract with the DoD as it enters year four of the highly successful Comply-to-Connect (C2C) program. The program's next stage will be to configure delivered capabilities to enforce zero trust access principles across the DoD Information Network (DoDIN) enterprise and bring the DoD closer to the goals set forth in the Department's Zero Trust Strategy. As advocated by the Defense Information System Agency (DISA) C2C Program Management Office (PMO), the new contract also delivers additional capabilities to the C2C platform that revolutionize security of Operational Technology networks and integrates risk management and decision making into the existing C2C platform.

This addition further positions the DoD to apply NIST zero trust principles to millions of devices across the enterprise. Implementation of zero trust principles using Forescout's C2C capabilities is already being achieved in some areas of the Army, via an initiative being taught at Fort Gordon school houses and referenced in Defense Acquisition University. With the first three steps of the program - visibility, compliance assessment, and automated remediation - well underway, administrators can now use Forescout's orchestration capabilities to manage policy enforcement points to create the desired effects on an individual user/device/access request basis.

Additionally, Forescout's continuous monitoring capabilities are at work to ensure connected devices don't fall out of compliance due to files getting corrupted, simple administrative mistakes, or malicious adversarial actions, all of which occur daily on the DoDIN. C2C is one of the largest government cybersecurity initiatives in the world delivering enterprise scale capabilities for managing cyber operational risk. With the program now in its fourth year, automated control of access to and within the DoDIN will ensure that each network user has the access necessary to achieve their mission without exposing other users to threats that could impact their ability to complete their mission.

The Forescout platform provides comprehensive capabilities for the DoD's C2C security framework that enables the critical first pillar of DISA's zero trust program called Thunderdome. This includes: Network-based discovery and classification of assets, including an expanding set of "unmanaged" assets that are unable to operate agents (C2C Steps 1 and 2); Integration with other enterprise solutions such as Identity, Credential, and Access Management (ICAM); Security Information Event Management (SIEM); and Vulnerability Assessment products to automate compliance of the cybersecurity posture and establish trust for every connecting asset (C2C Step 3); Orchestration of policy enforcement points across the infrastructure to enforce network access control and segmentation of assets as well as complete situational awareness of the network posture (C2C Steps 4 and 5).