Welcome!

DreamPort is a combination of state-of-the-art facilities, innovative programs, and imaginative people charged with finding that spark that leads to unparalleled capability for USCYBERCOM and the warfighters at large.

Located in Columbia, Maryland, DreamPort was created under a Partnership Intermediary Agreement between MISI and United States Cyber Command (USCYBERCOM).

Notice for all interested parties to DreamPort events: Announcement of DreamPort events that are considered to have high potential for further efforts that may be accomplished via FAR-based contracting instruments, Other Transaction Authority (OTA) for Prototype Projects 10 USC 2371b, Prizes for advanced technology achievements 10 USC 2374a, and/or Prize Competitions 15 USC 3719, may be made at the dreamport.tech website. All announcements made at the dreamport.tech website are considered to satisfy the reasonable effort to obtain competition in accordance with 10 USC 2374a (b), 15 USC 3719 (e) and 10 USC 2371b (b)(2). All FAR based actions will follow announcement procedures per FAR 5.201(b) accordingly.

Why Register for DreamPort?

DreamPort welcomes all, but we'd like to know a little about you. We hold daily, monthly, and quarterly events, some by invitation only. By registering with the DreamPort you will receive our periodic emails about upcoming events, new services and capabilities, and mentoring opportunities. We provide a place where you can upload a resume, abstract or other document that describes who you are, what you are expert at, and how you want to help.

This information can also be about your organization or company. We use the information you provide to learn more about your interests and expertise. For example, are you a cyber subject matter expert that would like to engage in a rapid prototyping event (RPE)? We look forward to having you as a part of the DreamPort Partnership Network.

Register Now

ALERT: DHS Issues Shields Up Advisory

Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.

Notably, the Russian government has used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country's government, military and population and accelerate their acceding to Russian objectives.

While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.

Based on this situation, CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats—part of a paradigm shift from being reactive to being proactive.

CISA recommends all organizations–regardless of size–adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Read More

CISA Shields Up

Upcoming Events

Manufactured Crisis
Just Announced: RPE-019: Manufactured Crisis

October 3-7, 2022. In this rapid prototyping event, we are challenging participants to develop techniques for rapid, automated penetration testing. Developments in artificial intelligence (AI) algorithms, particularly in reinforcement learning, can enable exploitation decision-making at computer, rather than human, speed. We have $25,000 (USD) in prizes to give away to the best performers as determined by us!

Learn More
Artificial Intelligence and Machine Learning Immersion Day
Artificial Intelligence and Machine Learning Immersion Day

October 4, 2022 | 0830 – 1600 ET. Comb the way through the AI & ML forest to elevate the community and discover endless possibilities for effective cybersecurity solutions. Join members of USCYBERCOM, DoD, subject matter experts and industry partners for a full day of technical training sessions, expert presentations and select solutions. We are currently seeking subject matter experts to present.

Learn More
Engage USCYBERCOM Technology Expo
Engage USCYBERCOM Technology Expo

October 12, 2022 | 1000 - 1500. The Expo will host more than two dozen vendors providing information and live demonstrations in an unclassified environment in a conference hall style engagement atmosphere. We welcome Subject Matter Experts (SMEs), Technical Directors, Program Managers, Warrant Officers, Tech Experts and other interested parties from within USCYBERCOM, CNMF, and the Service Cyber Components who have needs that align with any current USCYBERCOM Technical Challenge Problem.  

Learn More and Register
Hack the Railroad
Hack the Railroad

October 18, 2022. Hack The Railroad is a hybrid cybersecurity event powered by Cylus & MISI, featuring talks from cybersecurity industry leaders and railroad cybersecurity trainings. We want to empower cyber warriors to protect our nation's most critical infrastructure which plays a primary role in the daily lives of people.

Learn More
The Maryland STEM Festival
The Maryland STEM Festival

October 14-November 13, 2022. The Maryland STEM Festival is a month-long celebration of science, technology, engineering and mathematics that takes place every Fall. In 2022, we'll be bringing hundreds of events focused on fun, interactive science learning opportunities. Students, families, friends, STEM professionals, teachers, volunteers will all enjoy events taking place throughout Maryland.

Learn More
WiCyS-CI Hack the Power
WiCyS-CI Hack the Power

November 2-3, 2022. Hack the Power is presented by Women in Cybersecurity - Critical Infrastructure (WiCyS-CI) in close partnership with Percival Engineering, Maryland Innovation and Security Institute (MISI), and Cybersecurity Association of Maryland (CAMI). This is a two-day hybrid event including critical infrastructure (ICS/SCADA) training followed by a Capture the Flag (CTF). This will be an offensive exercise demonstrating the impact of cyber attacks against electric power systems and critical mission operations ranging from data theft to a potentially catastrophic infrastructure failure.

Learn More (External)
Wireless Hacking and Exploitation Course
Wireless Hacking and Exploitation Course

November 7-10, 2022. This class will cover the essentials of using Kali (with a focus on WiFi/BT/SDR), current and emerging 802.11 wireless threats, and the wonderful world of Software Defined Radios. A completed bootstrapped curriculum that will provide new tips and tricks for the advanced, and a completely new experience to those who are just now learning about any of these topics.

Learn More (External)
DISA TEM: Second Front Systems
DISA TEM: Second Front Systems

September 27, 2022 | 1100 - 1200 ET. Game Warden is an accredited DevSecOps environment and secure cloud platform that enables rapid testing, evaluation, securing, accreditation, and deployment of software solutions onto government networks while providing flexibility on software development processes. Conference ID: 668 806 327#

Join Teams
Cyber Battle of Estonia
Cyber Battle of Estonia

September 26-30, 2022 | Estonia. MISI announces the MISI Cyber Team USA, powered by DreamPort that will compete in the Cyber Battle of Estonia 2022. Schools represented include Bowie State University (an HBCU and an NSA Centers of Academic Excellence in Cybersecurity University), Butler University, Villanova University, and Loyola Blakefield High School. MISI will be seeking and selecting one more student from an NSA CAE and or US Cyber Command Academic Engagement Network College or University. Application deadline is September 20th, 2022.

Learn More and Apply Here (External)
Savannah River Cyber Summit (SRCS)
Savannah River Cyber Summit (SRCS)

September 27-28, 2022 | North Augusta, SC. The Savannah River Cyber Summit (SRCS) in North Augusta, SC will act as a meeting point where researchers from academia, industry, research groups, companies and public authorities working in the field of cybersecurity and related areas can exchange knowledge and experience with the shared goal of strengthening research and building networks in the field.

Learn More and Register (External)
DISA TEM: Q6 Cyber
DISA TEM: Q6 Cyber

September 28, 2022 | 1100 - 1200 ET. Q6 Cyber combines its malware intelligence with a continuous entity enumeration process that scopes the internet exposures and assets for each entity of interest, such as critical supply chain entities and critical infrastructure. Conference ID: 420 934 122#

Join Teams
The Atlantic Future Forum 2022
The Atlantic Future Forum 2022

September 28-29, 2022 | New York. The Atlantic Future Forum exists to help strengthen the defence, security, technology and trading relationships between democratic nations. Now in its fifth year, AFF22 will be hosted in the United States on board the Royal Navy aircraft carrier, HMS QUEEN ELIZABETH.

Learn More Here (External)
Critical Infrastructure Security Summit
Critical Infrastructure Security Summit

September 28-29, 2022 | Washington, DC. The 2nd Annual Critical Infrastructure Security Summit will focus on defending and creating resilient systems to protect our nation's vital infrastructure from outside threats and other dangers. The interconnectivity and advanced capabilities that digital systems have provided to our nation's infrastructure systems also poses an avenue of approach for America's enemies to cripple US production and economic power without having to fire a shot.

Learn More and Register (External)
ApacheCon North America 2022
ApacheCon North America 2022

October 3-6, 2022 | New Orleans, LA. ApacheCon North America 2022 will be held at the Sheraton, Canal Street, New Orleans. With over 160 sessions, this year's in-person conference delivers the knowledge, connections, and expertise ApacheCon is known for.

Learn More and Register Here (External)
DISA TEM: mLogica
DISA TEM: mLogica

September 29, 2022 | 1100 - 1200 ET. mLogica’s LIBER*M suite of software can provide an operating environment analog; one that lets organizations run mainframe applications on an open platform such as Linux or Intel x86. Conference ID: 389 054 599#

Join Teams
DISA TEM: Exacom
DISA TEM: Exacom

October 4, 2022 | 1100 - 1200 ET. Exacom provides logging recorder solutions for mission-critical communications within the Police and Fire Agencies, Emergency Medical Services, 9-1-1 Communications Centers, Government Agencies, Military Departments, Transportation Companies, Energy Companies, Gas & Utility Facilities, Educational Facilities, Healthcare Centers and Hospitals, and other Security applications. Conference ID: 547 314 443#

Join Teams
DISA TEM: Myota
DISA TEM: Myota

October 5, 2022 | 1100 - 1200 ET. Myota delivers simplified operational data security that allows organizations to withstand attacks against their data & bounce back from cybersecurity events all at once. Built on a platform that combines the tenants of Zero Trust Architecture, Shamir Secret Sharing, immutable redundant storage, and advanced data dispersion, Myota moves data protection from static, network-based perimeters to focus on users, assets, and resources. Myota keeps your data safe from attacks, even when other security controls fail. Conference ID: 202 820 890#

Join Teams
Attacking ICS with Python
Attacking ICS with Python

October 12, 2022 | 0900 – 1600 ET. This 8-hour workshop will be a crash course in ICS vulnerabilities and exploitation, providing hands-on, practical training in the carrying out of attacks against various common types of ICS equipment found in the field, including an HMI, PLC and automated circuit breaker.

Learn More
DISA TEM: Zeva Incorporated
DISA TEM: Zeva Incorporated

October 12, 2022 | 1100 - 1200 ET. Zeva's DecryptNaBox is a scalable, configurable platform that is used to decrypt high volumes of S/MIME encrypted email messages for authorized third-party purposes, such as investigations, archiving, and content inspection. The enterprise-level DecryptNaBox product accomplishes this without the need to manually recover the email users' private keys. Conference ID: 790 560 016#

Join Teams
DISA TEM: Vertosoft
DISA TEM: Vertosoft

October 13, 2022 | 1100 - 1200 ET. Smartsheet Gov is a collaborative work management SaaS platform that is DISA IL4 and FEDRAMP Certified, we help federal agencies bring collaboration and transparency to government initiatives to drive innovation and achieve more. With Smartsheet Gov, your agency can operate with increased agility, streamline workflows, and eliminate silos to provide the timely and accurate information you need to move forward. Conference ID: 709 810 133#

Join Teams
Industrial Control Systems Cyber Saturday
Industrial Control Systems Cyber Saturday

October 15, 2022. We invite any and all students in 6th – 12th grade interested in learning about industrial control systems cybersecurity for a fun filled day of hands on exercises and activities on October 15th 2022 at DreamPort in Columbia Maryland! We will introduce students to the critical infrastructure concepts and cybersecurity basics. These combined skills will be used for executing offensive physical scenarios that will result in visible damage or disruption. Students and their parents are invited to participate in the fun! All participants will need to bring a laptop. Breakfast & lunch will be provided! Physical participation only.

Learn More (External)
DISA TEM: PC Matic
DISA TEM: PC Matic

October 18, 2022 | 1100 - 1200 ET. PC Matic’s default-deny solution solves traditional allowlisting issues such as implementation of zero trust methods, management of verified files and processes, and governance of local exceptions. Conference ID: 378 025 222#

Join Teams
DISA TEM: OnSolve
DISA TEM: OnSolve

October 19, 2022 | 1100 - 1200 ET. OnSolve delivers critical event management solutions designed to help enterprises, organizations and agencies of all sizes create the most successful outcomes when critical events occur. Conference ID: 993 493 238#

Join Teams
DISA TEM: NetBrain
DISA TEM: NetBrain

October 20, 2022 | 1100 - 1200 ET. NetBrain Problem Diagnosis Automation System (PDAs) is built upon its patented intent-based network automation approach that understands every detail of any hybrid network architecture from edge to cloud, based upon the existence of hundreds or thousands of designs intents. Conference ID: 924 695 680#

Join Teams
Annual Women in Cybersecurity Reception
Annual Women in Cybersecurity Reception

October 20, 2022 | Washington, D.C. The Women in Cybersecurity Reception is an annual networking event that highlights and celebrates the value and successes of women in the cybersecurity industry. This popular gathering in the heart of Washington DC brings together women from the private sector, academia, and government from across the region at varying points along the career spectrum.

Learn More Here (External)
2022 GRF Summit on Security & Third-Party Risk
2022 GRF Summit on Security & Third-Party Risk

October 27-28, 2022. Networking and Education on Critical Third-Party and Supply Chain Security Issues, for Mutual Resilience Against Cyber and Geopolitical Threats. Sessions will cover risk and vendor management, cybersecurity, intelligence sharing, geopolitical threat mitigation, and emerging compliance/regulation.

Learn More (External)
Cyber Security for Manufacturing Summit
Cyber Security for Manufacturing Summit

November 2-3, 2022. This event will bring together 100's of IT & OT security leaders from across the American manufacturing industry, for 2-days of strategy planning, insight building and expert knowledge exchange. The talk is hosted by Armando S., Co-founder and Executive Director Manufacturing SupplyChain Cybersecurity at MISI, and will cover the challenges, common threats and risks to larger manufacturers of vulnerabilities in their small manufacturing supplier networks. Secure your complimentary* pass for the event by using code MANUSEC-VIP at registration.

Learn More and Register (External)
The DataTribe Challenge 2022
What could your company do with $2 million: DataTribe Challenge 2022

November 3, 2022. We are looking for the best Cybersecurity, Web3 security, or Big Data/AI/ML seed stage companies and are collecting submissions for our 5th Annual DataTribe Challenge. The top 3 finalists will be selected from the submissions and they will present at our in-person event on November 3rd. Finalists split a $20K prize and the winner may receive $2M in funding from DataTribe.We wanted to announce that we have extended the deadline for submissions to September 23rd.

Learn more (External)
2022 CyberForce Competition
2022 CyberForce Competition

November 4-5, 2022. The 2022 CyberForce Competition will be held as a hybrid competition on Friday, November 4 and Saturday, November 5, 2022. This year, the competition will host both in-person teams at the Q Center in St. Charles, Illinois (40-50 minutes from O'Hare or Midway International Airports) or virtually. Teams will be required to have a minimum of 4 members and a maximum of 6 all from the same US based institution.

Learn More and Register (External)

Notices & Opportunities

Technical Exchange Meetings (TEMs)

The Technical Exchange Meeting (TEM) is a weekly event established and hosted by the Defense Information Systems Agency (DISA) Emerging Technology (EM) Directorate and DOD Office of the Chief Information Officer (DOD CIO) as a means to collaborate with commercial entities, non-profit organizations, and academia. TEMs offer a platform for organizations to present technological advancements and innovations.

Learn More
Our Current Challenge Problems

DreamPort is excited to announce three challenge problems we will focus on over the next several months. The challenge problems can be divided into functional capability (e.g., vulnerability research) and enabling technologies (e.g., machine learning). We are ultimately looking for functional capability, but the underlying solution should integrate one or more of the enabling technologies. The three capability areas include: vulnerability research, signature diversity, and global awareness of malware.

Review them Here
Download the latest version of the Cybersecurity Maturity Model Certification!

You can now request the initial implementation of the Cybersecurity Maturity Model Certification (CMMC) v1.02, which includes several changes to the standard. Also available are the appendices, errata, and the public briefing documents!

Submit your Request at MISI.tech

What is a Rapid Prototyping Event (RPE)

Similar to a hackathon, a rapid prototyping event is a gathering of subject matter experts committed to looking for new ways to solve a particular challenge. The subject matter experts can work alone, in teams, or as one collective group and are encouraged to now allow previous failures, standards, processes, and other impediment get in the way of breakthrough solutions and ideas. They are encouraged to identify and take risks that yield unexpected success. Unlike a hackathon, RPEs aren't limited to software challenges. The goal of an RPE is to create a useable prototype. These prototypes can be software code snippets, modified Internet of Things devices, plastics created in a 3D printer, or interesting robotic solutions to solve a problem to name a few. Read more and view all current and past RPEs here.

Lessons Learned and Winners

RPE-001: The Chameleon & The Snake
RPE-001: The Chameleon & The Snake

This RPE specifically targeted malware signature diversity and signature measurement for Microsoft Windows (x86 and amd64) in a simulated operational environment at a realistic pace.

Read what we learned.
RPE-003: The Wolf in Sheep's Clothing
RPE-003: The Wolf in Sheep's Clothing

The Fables of Aesop by Joseph Jacobs published in 1894 includes the tale of the wolf in sheep's clothing. Just as in this tale, DreamPort played the Shepherd trying to spot the wolf in the flock. DreamPort executed an RPE competition where participants designed, implemented or enhanced user activity monitoring (UAM) solutions for detecting live and recent insider threat attacks or unauthorized activities.

Read what we learned.
RPE: The Broken Gear in the Watch 2 Winner: CompSec Direct
Congratulations to CompSec Direct for winning RPE: The Broken Gear in the Watch 2!

We tested participant's abilities to find and mitigate vulnerabilities in open source embedded device firmware such as switches, routers and firewalls and other devices. During the actual event, participants also had to analyze firmware images.

RPE Winner
Congratulations to Technica Corp for winning RPE-014: Rossum's Universal Robots!

This event was open to all colleges, universities, individuals and non-traditional participants who have experience in machine learning applications to network packet capture (PCAP) for automated anomalous behavior identification.

RPE Winner
Congratulations to Seth Sites for winning RPE-015: Sage and Sentry!

In this event we defined a fictitious threat actor named DreadRiver (adversary) who has been reportedly attacking other cities, and our DreamValley would prefer to refine its defenses. In this event we are studying solutions (software and techniques) for performing analytics against cyber threat information.

RPE Winner
Congratulations to Panther Labs for winning RPE-016: The Gremlins in the Cloud!

We hunted gremlins in the cloud. BCR Industries survived 4 days of coordinated hacking in November of 2020, and they are back in business.

RPE Winner
Technica Corporation completed RPE-017 as a top finisher utilizing their Graph Hunt Solution!

This event is open to students at all colleges, universities, professionals, and non-traditional participants who have experience in machine learning applications to network packet capture (PCAP) for automated anomalous behavior identification on a network that includes control systems.

BigBear AI LogoHeilig Defense Logo
RPE-018: Congratulations to BigBear AI as the winning Blue Team and to Heilig Defense as the winning Red Team

This event focuses on tools and techniques for signature diversity and signature measurement across Microsoft Windows (x86 and amd64), Linux (x86 and amd64), OS X (amd64), and Android (x86 and ARM) platforms. Samples can include both binaries and scripts (e.g., JavaScript). Participants will play either offense or defense.

Our Facility

DreamPort Columbia Location
7000 Columbia Gateway, Suite 150
Columbia, MD 21046
p: + 1 443 626 4450

Columbia Gateway is very close to so many restaurants, hotels and other amenities that it was an easy choice to establish our DreamPort location. Destinations such as Columbia Gateway Retail, Columbia Restaurant Park, Columbia Crossing, Gateway Overlook, Dobbin Road Retail, Snowden Square, Stanford Boulevard Retail and Route 1 Retail are all within a 1.5 mile radius!

Why Columbia Gateway?

Columbia Gateway is near the BWI Airport and has 71 restaurants and 7 hotels in a 1.5 mile radius. You can walk, jog and bike on the nearby bike paths or visit excellent gyms in our building or down the road.