Evolver Federal

Additional Info

Websitehttps://evolverinc.com/
Company size (employees)100 to 499
Headquarters RegionNorth America

Overview

The Evolver cybersecurity team has played a pivotal role in strengthening the security posture of our clients through innovative risk management, vulnerability remediation, and process improvement initiatives. In 2024, the team achieved remarkable milestones, including reducing technical debt by remediating approximately 70% of the most critical container-based vulnerabilities, a significant step in enhancing security resilience.

One of the team’s standout accomplishments was successfully defining and implementing Organizationally Defined Parameters (ODPs) for NIST 800-53 Rev. 5 controls—an effort that had previously failed three times over the past 13 years. Their leadership in this area has set a new standard for cybersecurity governance within the agency. Additionally, the team contributed to the establishment and maturation of our client’s Vulnerability Management Program, enabling the agency to achieve a 95% score in the Vulnerability Management component of the FISMA Scorecard for the first time in its history.

Beyond risk remediation, the team has driven operational efficiency by implementing improvements to the A-123 audit processes, reducing the control failure rate by over 50% year-over-year. They also developed and delivered the first-ever System Owner Role-Based Training, aligning with NIST’s NICE Workforce Framework for Cybersecurity to enhance collaboration between the Information Security Division and business stakeholders.

Further demonstrating innovation, the team developed a Minimum Viable Product (MVP) for audit event detection at both the database and operating system levels, addressing persistent audit findings. Their customized risk quantification solution, leveraging Splunk dashboards, provides visibility into FISMA system risk scores, enabling targeted risk mitigation. Through their professionalism, expertise, and commitment to cybersecurity excellence, the CMASS team has earned recognition from USCIS leadership, business stakeholders, and our customer’s leadership (major federal agency), making them a standout nominee for this award.

How we are different

Successfully remediated ~70% of critical container-based vulnerabilities, led the first successful implementation of NIST 800-53 Rev. 5 Organizationally Defined Parameters in 13 years, and contributed to our client achieving a 95% Vulnerability Management score on the FISMA Scorecard.


Enhanced the A-123 audit process, reducing control failure rates by over 50%, developed the first-ever System Owner Role-Based Training aligned with NIST’s NICE Framework, and expanded audit event detection capabilities to strengthen monitoring and compliance.


Created a customized Splunk-based risk quantification model for real-time FISMA risk scoring, received public recognition from client leadership for audit response and vulnerability management efforts, and provided critical cybersecurity support to a major law enforcement agency at the request of our client’s senior leadership.


  • Vote for this Nomination
    (click the thumbs-up icon to cast your vote)

Promote this Nomination

Browse Award Nominations