DreamPort is a combination of state-of-the-art facilities, innovative programs, and imaginative people charged with finding that spark that leads to unparalleled capability for USCYBERCOM and the warfighters at large.
Located in Columbia, Maryland, DreamPort was created under a Partnership Intermediary Agreement between MISI and United States Cyber Command (USCYBERCOM).
Notice for all interested parties to DreamPort events: Announcement of DreamPort events that are considered to have high potential for further efforts that may be accomplished via FAR-based contracting instruments, Other Transaction Authority (OTA) for Prototype Projects 10 USC 2371b, Prizes for advanced technology achievements 10 USC 2374a, and/or Prize Competitions 15 USC 3719, may be made at the dreamport.tech website. All announcements made at the dreamport.tech website are considered to satisfy the reasonable effort to obtain competition in accordance with 10 USC 2374a (b), 15 USC 3719 (e) and 10 USC 2371b (b)(2). All FAR based actions will follow announcement procedures per FAR 5.201(b) accordingly.
Why Register for DreamPort?
DreamPort welcomes all, but we'd like to know a little about you. We hold daily, monthly, and quarterly events, some by invitation only. By registering with the DreamPort you will receive our periodic emails about upcoming events, new services and capabilities, and mentoring opportunities. We provide a place where you can upload a resume, abstract or other document that describes who you are, what you are expert at, and how you want to help.
This information can also be about your organization or company. We use the information you provide to learn more about your interests and expertise. For example, are you a cyber subject matter expert that would like to engage in a rapid prototyping event (RPE)? We look forward to having you as a part of the DreamPort Partnership Network.Register Now
ALERT: DHS Issues Shields Up Advisory
Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.
Notably, the Russian government has used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country's government, military and population and accelerate their acceding to Russian objectives.
While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.
Based on this situation, CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats—part of a paradigm shift from being reactive to being proactive.
CISA recommends all organizations–regardless of size–adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Read More
Just Announced: RPE-019: Manufactured Crisis
October 3-7, 2022. In this rapid prototyping event, we are challenging participants to develop techniques for rapid, automated penetration testing. Developments in artificial intelligence (AI) algorithms, particularly in reinforcement learning, can enable exploitation decision-making at computer, rather than human, speed. We have $25,000 (USD) in prizes to give away to the best performers as determined by us!Read more here
Attacking ICS with Python
October 12, 2022 | 0900 – 1600 ET. This 8-hour workshop will be a crash course in ICS vulnerabilities and exploitation, providing hands-on, practical training in the carrying out of attacks against various common types of ICS equipment found in the field, including an HMI, PLC and automated circuit breaker.Learn More
Hack the Railroad
October 18, 2022. Hack The Railroad is a hybrid cybersecurity event powered by Cylus & MISI, featuring talks from cybersecurity industry leaders and railroad cybersecurity trainings. We want to empower cyber warriors to protect our nation's most critical infrastructure which plays a primary role in the daily lives of people.Learn More
Center of Academic Excellence in Cybersecurity Internship Fall 2022
The National Security Agency (NSA) in partnership with the Maryland Innovation & Security Institute (MISI) and the GBC MISI Academy seek applicants for an 8-week paid internship program designed for college seniors about to enter the technical workforce currently enrolled in an institution designated as a CAE-CD or CAE-CO by the National Security Agency Center of Academic Excellence in Cybersecurity. Dates for the Fall Internship are Sept 19, 2022 – Nov 11, 2022 (Applications Close Aug 12).Learn more and Apply (External)
DISA TEM: Red Hat
August 18, 2022 | 1100 - 1200 ET. As of May 2022, Red Hat Enterprise Linux (RHEL) 9 became generally available (GA). This latest release of RHEL assists organization and mission owners with an OS with a flexible and stable foundation to meet the needs of a hybrid multi-cloud environment, and is ready for you to develop and deploy from the edge to the cloud. Conference ID: 799 446 338#Join Teams
DISA TEM: Western Digital/Mainsail Technologies
August 23, 2022 | 1100 - 1200 ET. Western Digital, and its partner Mainsail Industries, intelligently move workloads from central cloud locations to edge computing environments on-demand, to enable secure multi-mission workloads and to facilitate the best user experience. Conference ID: 158 773 15#Join Teams
DISA TEM: Nintex
August 25, 2022 | 1100 - 1200 ET. The Nintex Workflow Platform helps organizations increase efficiency, while analyzing processes to guide informed decision making. With the right business process automation tool in place, an organization can save time and money while eliminating human error and delivering insightful analytics to give a better view of the organization's business. Conference ID: 488 133 421#Join Teams
Minority Owned Business Collider: Business Opps with the Federal Government
August 25, 2022 | 1300 - 1630 EDT. Please join Wright Brothers Institute’s Small Business Hub for our Minority Owned Business Collider with a focus on learning on how to do business with the Federal Government. We have several strategic partners presenting in this Collider who are valuable resources for Minority Owned Businesses. If you are ready to take your business to the next level and exploring opportunities with the Federal Government, you do not want to miss this Collider.Learn more and Register (External)
DISA TEM: Magnet Forensics
August 30, 2022 | 1100 - 1200 ET. Magnet Forensics is a developer of digital investigation software that acquires, analyzes, reports on, and manages evidence from digital sources, including computers, mobile devices, IoT devices and cloud services — helping more than 4,000 public and private sector customers in over 90 countries fight crime, protect assets, and guard national security. Conference ID: 784 564 602#Join Teams
DISA TEM: Boomi
August 31, 2022 | 1100 - 1200 ET. Boomi’s FedRAMP-authorized, cloud-native integration platform lets agencies connect across hybrid IT landscapes, migrate systems, boost IT productivity, and reduce legacy technical debt. It’s a key ingredient in IT modernization and better fulfilling strategic mission objectives. Conference ID: 607 669 387#Join Teams
What could your company do with $2 million?: DataTribe Challenge 2022
Submissions Due: August 31, 2022 | The DataTribe Challenge is a unique annual competition that brings together the best entrepreneurs in the world looking to disrupt cybersecurity and data science. DataTribe selects three finalists that split $20,000 in prize money and one winner that could receive up to $2 million in seed capital. The Challenge concludes in an invite-only pitch event where three finalists present to and network with cyber industry luminaries in-person. DataTribe will announce the winner at the end of this event. Applications Deadline: August 31st. Finalists Pitch Event: November 3rd - In Person at DataTribe in MD.Learn more (External)
OT-ISAC Summit 2022
September 7 - 8, 2022 | Singapore | Hybrid Event. Join DreamPort at This global conference on Operational Technology. MISI DreamPort Co-Founder and member of the Board Armando Seay will be part of this year's conference in Singapore. OT-ISAC Annual Summit will be in Hybrid event offering participants to attend in Virtual (online) and Live In person in Singapore. Bringing together OT/IT Experts and Practitioners in a Two-Day focused environment to share best practices and lessons learned that foster stakeholders to adapt and achieve mutual defence in protecting critical assets.Learn More (External)
Just Announced: STEM Pioneers Rock: Margaret Salter
September 8, 2022 | 1300 – 1430 ET. Brought to you by NSA and Dreamport/MISI, the STEM Pioneers Rock series, highlights significant accomplishments of those who are "firsts" in their field. Margaret Salter is the Director of Applied Cryptography at AWS. She spent 34 years at the National Security Agency, culminating in her position as the Technical Director for an Information Assurance organization.Learn More [MISI]
Just Announced: STEM Pioneers Rock: Dr. Cynthia Sutherland
September 20, 2022 | 1300 – 1430 ET. Brought to you by NSA and Dreamport/MISI, the STEM Pioneers Rock series, highlights significant accomplishments of those who are "firsts" in their field. Dr. Cynthia Sutherland was appointed as the first Senior Executive Service (SES)-level Chief Information Security Officer (CISO) at FEMA in June 2020. As CISO, she provides executive leadership and direction for FEMAʼs cybersecurity services: Cybersecurity Policy, Planning, and Training; Identity, Credential, and Access Management (ICAM); Cyber Engineering; Cyber Assessment; Compliance; Risk Management; and Security Operations.Learn More [MISI]
Industrial Control Systems Cyber Saturday
October 15, 2022. We invite any and all students in 6th – 12th grade interested in learning about industrial control systems cybersecurity for a fun filled day of hands on exercises and activities on August 6th 2022 at DreamPort in Columbia Maryland! We will introduce students to the critical infrastructure concepts and cybersecurity basics. These combined skills will be used for executing offensive physical scenarios that will result in visible damage or disruption. Students and their parents are invited to participate in the fun! All participants will need to bring a laptop. Breakfast & lunch will be provided! Physical participation only.Learn More (External)
2022 GRF Summit on Security & Third-Party Risk
October 27-28, 2022. Networking and Education on Critical Third-Party and Supply Chain Security Issues, for Mutual Resilience Against Cyber and Geopolitical Threats. Sessions will cover risk and vendor management, cybersecurity, intelligence sharing, geopolitical threat mitigation, and emerging compliance/regulation.Learn More (External)
Cyber Security for Manufacturing Summit
November 2-3, 2022. This event will bring together 100's of IT & OT security leaders from across the American manufacturing industry, for 2-days of strategy planning, insight building and expert knowledge exchange.Learn More (External)
WiCyS-CI Hack the Power
November 2-3, 2022. Hack the Power is presented by Women in Cybersecurity - Critical Infrastructure (WiCyS-CI) in close partnership with Percival Engineering, Maryland Innovation and Security Institute (MISI), and Cybersecurity Association of Maryland (CAMI). This is a two-day hybrid event including critical infrastructure (ICS/SCADA) training followed by a Capture the Flag (CTF). This will be an offensive exercise demonstrating the impact of cyber attacks against electric power systems and critical mission operations ranging from data theft to a potentially catastrophic infrastructure failure.Learn More (External)
Wireless Hacking and Exploitation Course
November 7-10, 2022. This class will cover the essentials of using Kali (with a focus on WiFi/BT/SDR), current and emerging 802.11 wireless threats, and the wonderful world of Software Defined Radios. A completed bootstrapped curriculum that will provide new tips and tricks for the advanced, and a completely new experience to those who are just now learning about any of these topics.Learn More (External)
Notices & Opportunities
Technical Exchange Meetings (TEMs)
The Technical Exchange Meeting (TEM) is a weekly event established and hosted by the Defense Information Systems Agency (DISA) Emerging Technology (EM) Directorate and DOD Office of the Chief Information Officer (DOD CIO) as a means to collaborate with commercial entities, non-profit organizations, and academia. TEMs offer a platform for organizations to present technological advancements and innovations.Learn More
Our Current Challenge Problems
DreamPort is excited to announce three challenge problems we will focus on over the next several months. The challenge problems can be divided into functional capability (e.g., vulnerability research) and enabling technologies (e.g., machine learning). We are ultimately looking for functional capability, but the underlying solution should integrate one or more of the enabling technologies. The three capability areas include: vulnerability research, signature diversity, and global awareness of malware.Review them Here
Download the latest version of the Cybersecurity Maturity Model Certification!
You can now request the initial implementation of the Cybersecurity Maturity Model Certification (CMMC) v1.02, which includes several changes to the standard. Also available are the appendices, errata, and the public briefing documents!Submit your Request at MISI.tech
What is a Rapid Prototyping Event (RPE)
Similar to a hackathon, a rapid prototyping event is a gathering of subject matter experts committed to looking for new ways to solve a particular challenge. The subject matter experts can work alone, in teams, or as one collective group and are encouraged to now allow previous failures, standards, processes, and other impediment get in the way of breakthrough solutions and ideas. They are encouraged to identify and take risks that yield unexpected success. Unlike a hackathon, RPEs aren't limited to software challenges. The goal of an RPE is to create a useable prototype. These prototypes can be software code snippets, modified Internet of Things devices, plastics created in a 3D printer, or interesting robotic solutions to solve a problem to name a few. Read more and view all current and past RPEs here.
What have we learned from our RPE events?
RPE-001: The Chameleon & The Snake
This RPE specifically targeted malware signature diversity and signature measurement for Microsoft Windows (x86 and amd64) in a simulated operational environment at a realistic pace.Read what we learned.
RPE-003: The Wolf in Sheep's Clothing
The Fables of Aesop by Joseph Jacobs published in 1894 includes the tale of the wolf in sheep's clothing. Just as in this tale, DreamPort played the Shepherd trying to spot the wolf in the flock. DreamPort executed an RPE competition where participants designed, implemented or enhanced user activity monitoring (UAM) solutions for detecting live and recent insider threat attacks or unauthorized activities.Read what we learned.
Congratulations to CompSec Direct for winning RPE: The Broken Gear in the Watch 2!
We tested participant's abilities to find and mitigate vulnerabilities in open source embedded device firmware such as switches, routers and firewalls and other devices. During the actual event, participants also had to analyze firmware images.
Congratulations to Technica Corp for winning RPE-014: Rossum's Universal Robots!
This event was open to all colleges, universities, individuals and non-traditional participants who have experience in machine learning applications to network packet capture (PCAP) for automated anomalous behavior identification.
Congratulations to Seth Sites for winning RPE-015: Sage and Sentry!
In this event we defined a fictitious threat actor named DreadRiver (adversary) who has been reportedly attacking other cities, and our DreamValley would prefer to refine its defenses. In this event we are studying solutions (software and techniques) for performing analytics against cyber threat information.
Congratulations to Panther Labs for winning RPE-016: The Gremlins in the Cloud!
We hunted gremlins in the cloud. BCR Industries survived 4 days of coordinated hacking in November of 2020, and they are back in business.
Technica Corporation completed RPE-017 as a top finisher utilizing their Graph Hunt Solution!
This event is open to students at all colleges, universities, professionals, and non-traditional participants who have experience in machine learning applications to network packet capture (PCAP) for automated anomalous behavior identification on a network that includes control systems.
DreamPort Columbia Location
7000 Columbia Gateway, Suite 150
Columbia, MD 21046
p: + 1 443 626 4450
Columbia Gateway is very close to so many restaurants, hotels and other amenities that it was an easy choice to establish our DreamPort location. Destinations such as Columbia Gateway Retail, Columbia Restaurant Park, Columbia Crossing, Gateway Overlook, Dobbin Road Retail, Snowden Square, Stanford Boulevard Retail and Route 1 Retail are all within a 1.5 mile radius!
Why Columbia Gateway?
Columbia Gateway is near the BWI Airport and has 71 restaurants and 7 hotels in a 1.5 mile radius. You can walk, jog and bike on the nearby bike paths or visit excellent gyms in our building or down the road.