Despite offering numerous solutions, we have select solutions that highlight our core competencies in operational efficiency and project efficacy. As state departments implement new technology and successfully execute projects, it is vital that departments have the proper tools and solutions to achieve and track their initiatives. With over 30 years worth of project management experience, we've identified key solutions that are invaluable to department's success.
DEVOPS solutionS.
Gitlab
DevSecOps
Gitlab is a leader in the DevSecOps space. The Gitlab product combines the entire Software Development Lifecycle (SDLC) into one comprehensive solution. If you are looking to replace or implement only a fragment of your SDLC, you can easily integrate Gitlab into a single portion of your cycle with no messy "rip and replace" of your current solution. Gitlab easily integrates with leading DevOps solutions and popular software (VMware, Red Hat, Docker, Github, etc.), and can fill any holes you may have in your SDLC. Gitlab is constantly innovating, they are open source, and they actually have a free subscription option.
Current Contracts: SLP, CMAS
INVICTI
APPLICATION SECURITY
Automation- Your security challenges grow faster than your team. That’s why you need security testing automation built into every step of your SDLC.
- Automate security tasks and save your team hundreds of hours each month.
- Identify the vulnerabilities that really matter — then seamlessly assign them for remediation.
- Help security and development teams get ahead of their workloads — whether you run an AppSec, DevOps, or DevSecOps program.
Visibility- Without complete visibility into your apps, vulnerabilities, and remediation efforts, it’s impossible to prove you’re doing everything you can to reduce your company’s risk.
- Find all your web assets — even ones that have been lost, forgotten, or created by rogue departments.
- Scan the corners of your apps that other tools miss with our unique dynamic + interactive (DAST + IAST) scanning approach.
- Always know the status of your remediation efforts, through Invicti or native integrations with your issue tracking and ticketing software.
Accuracy- Head-to-head tests by independent researchers show that Invicti consistently identifies more vulnerabilities than other scanning tools. And returns fewer false positives.
- Find more true vulnerabilities with our unique dynamic + interactive (DAST + IAST) scanning approach.
- Let no vulnerability go unnoticed with combined signature and behavior-based testing.
- Detect vulnerabilities quickly with comprehensive scanning that doesn’t sacrifice speed or accuracy.
Scalability
- Reclaim the hundreds of hours your team spends chasing down false positives with features that confirm which vulnerabilities are real threats.
- Integrate security testing into your entire SDLC with powerful two-way integrations into the tools your development team already uses.
- Control permissions for unlimited users — no matter how complex your organization’s structure.
Proactive- The longer a vulnerability lasts in your SDLC, the more costly it is to fix. Invicti helps you prevent vulnerabilities by showing your developers how to write more secure code in their existing environment. Because the easiest vulnerabilities to manage are the ones that never exist in the first place.
- Build security into your culture by integrating Invicti into the tools and workflows your developers use daily.
- Give developers access to actionable feedback that helps them produce more secure code — which means less work for your security team.
- Prevent delays with continuous scanning that stops risks from being introduced in the first place.
- Automate security tasks and save your team hundreds of hours each month.
- Identify the vulnerabilities that really matter — then seamlessly assign them for remediation.
- Help security and development teams get ahead of their workloads — whether you run an AppSec, DevOps, or DevSecOps program.
Visibility- Without complete visibility into your apps, vulnerabilities, and remediation efforts, it’s impossible to prove you’re doing everything you can to reduce your company’s risk.
- Find all your web assets — even ones that have been lost, forgotten, or created by rogue departments.
- Scan the corners of your apps that other tools miss with our unique dynamic + interactive (DAST + IAST) scanning approach.
- Always know the status of your remediation efforts, through Invicti or native integrations with your issue tracking and ticketing software.
Accuracy- Head-to-head tests by independent researchers show that Invicti consistently identifies more vulnerabilities than other scanning tools. And returns fewer false positives.
- Find more true vulnerabilities with our unique dynamic + interactive (DAST + IAST) scanning approach.
- Let no vulnerability go unnoticed with combined signature and behavior-based testing.
- Detect vulnerabilities quickly with comprehensive scanning that doesn’t sacrifice speed or accuracy.
Scalability
- Reclaim the hundreds of hours your team spends chasing down false positives with features that confirm which vulnerabilities are real threats.
- Integrate security testing into your entire SDLC with powerful two-way integrations into the tools your development team already uses.
- Control permissions for unlimited users — no matter how complex your organization’s structure.
Proactive- The longer a vulnerability lasts in your SDLC, the more costly it is to fix. Invicti helps you prevent vulnerabilities by showing your developers how to write more secure code in their existing environment. Because the easiest vulnerabilities to manage are the ones that never exist in the first place.
- Build security into your culture by integrating Invicti into the tools and workflows your developers use daily.
- Give developers access to actionable feedback that helps them produce more secure code — which means less work for your security team.
- Prevent delays with continuous scanning that stops risks from being introduced in the first place.
Current Contracts: CMAS
Automation, RPA Solutions.
City Innovate
Procurement Automation and Efficiency
City Innovate's Solicitation Builder automates and expedites document automation. Their tool was specifically tailored for procurement teams. Writing RFI's, RFP's, etc. is accelerated all while adhering to compliance standards. They also have a program (STIR) that empowers government to leverage Challenge-Based Procurement to streamline technology acquisition and reduce risk. City Innovate (STIR) provides programming, coaching, and mentoring to enable governments to express their needs in the form of a challenge to vendors.
City Innovate is currently being used at 10 California state departments. They are working on developing an integration with Fi$cal.
City Innovate is currently being used at 10 California state departments. They are working on developing an integration with Fi$cal.
Current Contracts: SLP
Automation Anywhere
Robotic Process Automation
Automation 360 is an industry-leading RPA and digital workforce platform that combines an easy-to-use user interface with enterprise-class reliability and the security to enable real-time self-automation. It delivers a browser-based, intuitive experience for business users to quickly automate tasks and tools for developers to build process automation. Automation 360 provides both On-Premises and Cloud deployment options and is the first platform that provides RPA-as-a-Service as an automation solution. It enables users to automate applications across different infrastructures and industries such as banking, telecommunications, and business process outsourcing (BPO) organizations.
Automation 360 provides capabilities such as the following:
- An intuitive interface to create a bot and design business process automation workflows.
- Support for multiple operating systems including Windows, Linux, and MacOS.
- Different views of bot to facilitate collaboration: flow view for business users, list view for developers, and dual view for collaboration.
- Recorder that works across various platforms such as Microsoft Windows, Citrix, Web, and SAP.
- Advanced variables capabilities and support for JavaScript, Python, and VBScript.
- A flexible architecture that enables you to add new command packages.
Automation 360 provides capabilities such as the following:
- An intuitive interface to create a bot and design business process automation workflows.
- Support for multiple operating systems including Windows, Linux, and MacOS.
- Different views of bot to facilitate collaboration: flow view for business users, list view for developers, and dual view for collaboration.
- Recorder that works across various platforms such as Microsoft Windows, Citrix, Web, and SAP.
- Advanced variables capabilities and support for JavaScript, Python, and VBScript.
- A flexible architecture that enables you to add new command packages.
Current Contracts: CMAS
Simpligov
WORKFLOW AND FORMS AUTOMATION
Simpligov is a SaaS government workflow automation solution that’s incredibly quick and easy to adopt, with no infrastructure costs and low total cost of ownership.
Easy online form design - create any digital online form in just minutes with no coding or IT support needed, thanks to their drag-and-drop form builder. Import existing forms, build new ones, embed conditional logic, use multiple form field types, integrate e-signatures and more
Build automated workflows - Deftly define logic and rules, automate routings, set permissions, create custom notifications, then publish workflows to any location you pick.
Customizable and scalable
Standardize documents and processes - Drive immediate ROI by standardizing routine documents, forms and workflows. SimpliGov lets you ensure consistency in filings, routings, revisions, approvals, archiving or any other part of a process
Flexible, real-time collaboration- Team members can simultaneously edit workflow data fields and file attachments, without needing to create editing loops or structured paths. Invite collaborators to secure online rooms, work on documents together and participate in conversations with peers
Multi-language Support- Create workflows and forms with dynamic language updating, so users can view form fields and instructions in the language of their choice
Augment audits and analytics- every workflow is automatically archived, promoting transparency and accountability across the enterprise. Custom dashboards and visualization tools give you insights and real-time updates to keep you on top of workflow performance. Also, customizable reports can be sent to your inbox or exported for offline review.
Accelerate content- people can access and work with content no matter where it – or they – are located.
Quick deployments and seamless integration- Deploys quickly, including on mobile devices. It integrates smoothly with your existing IT infrastructure and software APIs, with no “rip-and-replace” required
Easy online form design - create any digital online form in just minutes with no coding or IT support needed, thanks to their drag-and-drop form builder. Import existing forms, build new ones, embed conditional logic, use multiple form field types, integrate e-signatures and more
Build automated workflows - Deftly define logic and rules, automate routings, set permissions, create custom notifications, then publish workflows to any location you pick.
Customizable and scalable
Standardize documents and processes - Drive immediate ROI by standardizing routine documents, forms and workflows. SimpliGov lets you ensure consistency in filings, routings, revisions, approvals, archiving or any other part of a process
Flexible, real-time collaboration- Team members can simultaneously edit workflow data fields and file attachments, without needing to create editing loops or structured paths. Invite collaborators to secure online rooms, work on documents together and participate in conversations with peers
Multi-language Support- Create workflows and forms with dynamic language updating, so users can view form fields and instructions in the language of their choice
Augment audits and analytics- every workflow is automatically archived, promoting transparency and accountability across the enterprise. Custom dashboards and visualization tools give you insights and real-time updates to keep you on top of workflow performance. Also, customizable reports can be sent to your inbox or exported for offline review.
Accelerate content- people can access and work with content no matter where it – or they – are located.
Quick deployments and seamless integration- Deploys quickly, including on mobile devices. It integrates smoothly with your existing IT infrastructure and software APIs, with no “rip-and-replace” required
Current Contracts: N/A
Other Resources:
CROW CANYON SOFTWARE
M365 AND SHAREPOINT AUTOMATION
Crow Canyon augments your Office 365 and Sharepoint platforms through custom or pre-built automation. You can either use their extensive library of pre-built business applications, or make your own applications using their popular Nitro Studio tool. They also can integrate a wide array of bots with Microsoft Teams to streamline communication. IT help desk, IT asset management, IT project manager, work order management, equipment tracking, employee self-service portal, purchasing, contract management, and request manager are a few of the pre-built applications they have built to integrate with your MS platform. Reach out to us to learn about how Crow Canyon can improve your current business processes.
Current Contracts: SLP
Department Efficiency & Efficacy Tools.
Ecivis
Grant Management
Whether your department needs more funding for a project, needs to track grant recipients, or needs to distribute funding, Ecivis's Grants Network has you covered. Their Grants Network is 100% compliant with CFR 200 Uniform Grant Guidance.
Find a Grant:
eCivis uses a customizable search box to filter through grants that aren't a fit for your department. Once opportunities aligned with your organization are discovered, an email is sent straight to your inbox.
Monitor your Grants:
Grants Network lets you track and report your grants in one space. Track and report your grants, projects, and expenditures in one place.
eCivis can help departments calculate and negotiate indirect cost rates on-demand, as well as track your budgets in one easy-to-use portal through their solution "Allocate"
Find a Grant:
eCivis uses a customizable search box to filter through grants that aren't a fit for your department. Once opportunities aligned with your organization are discovered, an email is sent straight to your inbox.
Monitor your Grants:
Grants Network lets you track and report your grants in one space. Track and report your grants, projects, and expenditures in one place.
eCivis can help departments calculate and negotiate indirect cost rates on-demand, as well as track your budgets in one easy-to-use portal through their solution "Allocate"
Current Contracts: N/A
MCorp
Project Assessment
Only 30% of transformation meet or exceed their target value (BCG 2020)
66% of technology projects end in partial or total failure (Standish Group 2020)
$260B is the total estimated cost of unsuccessful IT/software projects in the US (CISQ 2020)
ReM Score is an M Corp product designed to identify your strengths and vulnerabilities across 14 domains of measurement. It’s a proven way to reveal your areas of risk before you start your initiatives – guesswork no longer plays a role. ReM will pinpoint exactly what corrective actions you need to take, making it easier to clear obstacles and mitigate risk at every turn.
66% of technology projects end in partial or total failure (Standish Group 2020)
$260B is the total estimated cost of unsuccessful IT/software projects in the US (CISQ 2020)
ReM Score is an M Corp product designed to identify your strengths and vulnerabilities across 14 domains of measurement. It’s a proven way to reveal your areas of risk before you start your initiatives – guesswork no longer plays a role. ReM will pinpoint exactly what corrective actions you need to take, making it easier to clear obstacles and mitigate risk at every turn.
Current Contracts: N/A
EQUIDOX
Accessibility
Equidox PDF remediation software quickly and easily converts inaccessible PDF documents into accessible and usable PDF content. No need to interact with a complex tag tree.
Document remediation can be time-consuming and complex. Equidox software takes the hard work out of making PDFs accessible, saving both time and money.
Easy to Learn- No Expertise Required.Novice or pro, Equidox is so easy to use you can learn the basics in an hour with our live, webinar-style training. Free support from live experts is included with licenses.
Smart Detection Tools- AI-powered smart detection tools reduce the time spent remediating by as much as 90%. Quickly identify text, images, links, and existing tags. Tag tables and lists in just a few clicks.
Cloud or On-Prem- Equidox’s provides a secure concurrent license model that is cloud-based or on-premises for local servers. Concurrent licenses allows collaboration so you can streamline the process and meet deadlines by sharing the workload.
Document remediation can be time-consuming and complex. Equidox software takes the hard work out of making PDFs accessible, saving both time and money.
Easy to Learn- No Expertise Required.Novice or pro, Equidox is so easy to use you can learn the basics in an hour with our live, webinar-style training. Free support from live experts is included with licenses.
Smart Detection Tools- AI-powered smart detection tools reduce the time spent remediating by as much as 90%. Quickly identify text, images, links, and existing tags. Tag tables and lists in just a few clicks.
Cloud or On-Prem- Equidox’s provides a secure concurrent license model that is cloud-based or on-premises for local servers. Concurrent licenses allows collaboration so you can streamline the process and meet deadlines by sharing the workload.
Current Contracts: CMAS
Secure your Department.
Dynatrace
Application Performance Monitoring
Dynatrace is a software-intelligence monitoring platform that reduces the complexity of enterprise cloud environments and speeds up digital transformation. Dynatrace provides information about your app performance, their infrastructure, and your end user’s experience using AI and automation. Dynatrace can completely automate your enterprise cloud operations, and create software faster using:
Infrastructure Monitoring.
Dynatrace delivers simple and automated infrastructure monitoring that provides broad visibility across your hosts, VMs, containers, network, events, and logs. Dynatrace continuously auto-discovers your dynamic environment and pulls infrastructure metrics into their Davis® AI engine, so you can consolidate tools and cut MTTI.
Applications and Microservices.
Dynatrace provides automated, code-level visibility and root-cause answers for applications that span complex enterprise cloud environments.
Digital Experience Monitoring (DEM).
Dynatrace DEM provides Real User Monitoring (RUM) for every one of your customer's journeys, synthetic monitoring across a global network, and 4K movie-like Session Replay.How is Dynatrace Different From Other Cloud Monitoring Solutions?
Dynatrace is automated from deployment to instrumentation, discovery, dependency mapping, baselining, problem identification, and root-cause. All that is required is the installation of a single agent. While other solutions monitor and report on numerous metrics, Dynatrace provides context. This includes understanding and mapping all the relationships and interdependencies, top to bottom, from end-user experience all the way down to the infrastructure. Last, Dynatrace uses AI or AIOps. While some solutions have machine learning, Dynatrace uses Davis AI engine to process billions of dependencies in milliseconds.
Infrastructure Monitoring.
Dynatrace delivers simple and automated infrastructure monitoring that provides broad visibility across your hosts, VMs, containers, network, events, and logs. Dynatrace continuously auto-discovers your dynamic environment and pulls infrastructure metrics into their Davis® AI engine, so you can consolidate tools and cut MTTI.
Applications and Microservices.
Dynatrace provides automated, code-level visibility and root-cause answers for applications that span complex enterprise cloud environments.
Digital Experience Monitoring (DEM).
Dynatrace DEM provides Real User Monitoring (RUM) for every one of your customer's journeys, synthetic monitoring across a global network, and 4K movie-like Session Replay.How is Dynatrace Different From Other Cloud Monitoring Solutions?
Dynatrace is automated from deployment to instrumentation, discovery, dependency mapping, baselining, problem identification, and root-cause. All that is required is the installation of a single agent. While other solutions monitor and report on numerous metrics, Dynatrace provides context. This includes understanding and mapping all the relationships and interdependencies, top to bottom, from end-user experience all the way down to the infrastructure. Last, Dynatrace uses AI or AIOps. While some solutions have machine learning, Dynatrace uses Davis AI engine to process billions of dependencies in milliseconds.
Current COntracts: CMAS
COUNTERCRAFT
CYBER DECEPTION
CounterCraft provides a distributed Deception Platform that creates automated digital breadcrumbs to bait adversaries into thinking they are penetrating companies’ networks. This innovative cybersecurity approach allows CounterCraft to get information on attackers’ and objectives while misdirecting them.
Their solution deploys deception-based campaigns and offers deep monitoring and complex response actions. The Cyber Deception Platform is currently used by governments, law enforcement agencies, and Fortune 500 companies – proving our craft and expertise in IT security. It runs automated counterintelligence to discover targeted attacks with a real-time active response and zero false positives.
Their solution deploys deception-based campaigns and offers deep monitoring and complex response actions. The Cyber Deception Platform is currently used by governments, law enforcement agencies, and Fortune 500 companies – proving our craft and expertise in IT security. It runs automated counterintelligence to discover targeted attacks with a real-time active response and zero false positives.
Current Contracts: N/A
OneTrust
Privacy Management
OneTrust LLC provides provides privacy management software platforms that help organization comply with data privacy, governance, and security regulations. They have a tool specific to the California Consumer Privacy Act (CCPA). Their solution automates responses to consumer rights and Do Not Sell Requests.
Consumer rights requests - Automate consumer rights requests from intake through fulfillment.
Opt-Out of Sale - Enable opt-out of sale across web, mobile, and CTV, automating recordkeeping & communication to third-parties.
Data Mapping Automation - Automate the discovery, classification, and mapping of California consumer data.
Incident Management - Get guidance for California rules and streamline notifications for impacted parties.
Their solutions range from privacy management, data governance, consent/governance, and IT Risk/security management
Consumer rights requests - Automate consumer rights requests from intake through fulfillment.
Opt-Out of Sale - Enable opt-out of sale across web, mobile, and CTV, automating recordkeeping & communication to third-parties.
Data Mapping Automation - Automate the discovery, classification, and mapping of California consumer data.
Incident Management - Get guidance for California rules and streamline notifications for impacted parties.
Their solutions range from privacy management, data governance, consent/governance, and IT Risk/security management
Current Contracts: N/A
SentinelOne
Enterprise Security
SentinelOne is a comprehensive enterprise security platform that provides threat detection, hunting, and response features that enable organizations to discover vulnerabilities and protect IT operations. SentinelOne integrates static artificial intelligence (AI) to provide real-time endpoint protection and reduce false positives that derail investigations or make threat detection a capital-intensive process.
Their platform includes:
Threat Detection
Detecting threats in real-time supports immediate response that mitigates discovered threats before they harm IT ecosystems. SentinelOne uses a patented Behavioral AI feature to recognize malicious actions and patterns. Threat detection is applied to detect file-less, zero-day, and nation-grade attacks. The integration of AI ensures threats are discovered in in a timely manner which reduces the effects of ransomware and phishing attacks.
Threat Hunting
Organizations should make it a goal to have a proactive process to discovering threats rather than a reactive one. Proactive threat hunting ensures attacks are sought out before they reach an enterprise network or infrastructure. SentinelOne delivers quick query times, and advanced actions when threat hunting. The advanced actions include pre-indexed forensic context to understand the motive behind attacks, full-native remote shell, and more.
AI Assisted Prevention
SentinelOne integrates Static AI on endpoints to prevent attacks in real-time. The integration of AI ensures threats are quickly culled and dealt with before they can affect network systems. The SentinelOne prevention model can be more efficient than legacy antivirus solutions as it produces low false positives while focusing on preventing real threats.
Automated Response
SentinelOne makes use of ActiveEDR to respond to issues within a network. ActiveEDR integrates behavioral AI and is capable of surgically reversing and removing malicious activities. Organizations can automate the response process to ensure it occurs in real-time. The AI-assisted response ensures devices connected to enterprise networks can individually respond to threats in real-time.
Their platform includes:
Threat Detection
Detecting threats in real-time supports immediate response that mitigates discovered threats before they harm IT ecosystems. SentinelOne uses a patented Behavioral AI feature to recognize malicious actions and patterns. Threat detection is applied to detect file-less, zero-day, and nation-grade attacks. The integration of AI ensures threats are discovered in in a timely manner which reduces the effects of ransomware and phishing attacks.
Threat Hunting
Organizations should make it a goal to have a proactive process to discovering threats rather than a reactive one. Proactive threat hunting ensures attacks are sought out before they reach an enterprise network or infrastructure. SentinelOne delivers quick query times, and advanced actions when threat hunting. The advanced actions include pre-indexed forensic context to understand the motive behind attacks, full-native remote shell, and more.
AI Assisted Prevention
SentinelOne integrates Static AI on endpoints to prevent attacks in real-time. The integration of AI ensures threats are quickly culled and dealt with before they can affect network systems. The SentinelOne prevention model can be more efficient than legacy antivirus solutions as it produces low false positives while focusing on preventing real threats.
Automated Response
SentinelOne makes use of ActiveEDR to respond to issues within a network. ActiveEDR integrates behavioral AI and is capable of surgically reversing and removing malicious activities. Organizations can automate the response process to ensure it occurs in real-time. The AI-assisted response ensures devices connected to enterprise networks can individually respond to threats in real-time.
