Federal and Public Sector Readiness
U.S.-owned. U.S.-citizen staffed. No foreign ownership, control, or influence. Available on GSA Schedule and Army CHESS ITES-SW2. Purpose-built for critical infrastructure and OT.
Company Ownership and Supply Chain
PacketViper is U.S.-owned and U.S.-operated, with a U.S.-citizen staff and no foreign ownership, control, or influence (FOCI). The platform is hardware-agnostic: it deploys as a ruggedized edge or rack appliance, as a virtual or cloud instance (Azure, AWS, VMware, Hyper-V), or on customer-provided hardware, including air-gapped environments.
How to Buy
PacketViper is orderable today by DoD, Army, and Federal agencies through established contract vehicles.
- GSA Schedule, for streamlined Federal procurement.
- Army CHESS ITES-SW2, for Army and DoD software acquisition.
Contact us to confirm current contract details and to scope a proof of concept for your agency or installation.
Framework and Zero Trust Alignment
PacketViper’s Compliance and Audit Suite maps 590 controls across 25 frameworks, with 30+ live continuously-validated posture checks, and produces tamper-evident, SHA-256 hash-chained audit evidence as a byproduct of enforcement. Alignment includes:
- DoD Zero Trust for Operational Technology
- NIST SP 800-53 Rev 5 and NIST SP 800-171 Rev 2
- NIST SP 800-82 Rev 3 and NIST CSF 2.0
- CMMC 2.0 (Levels 1, 2, and 3)
- NERC CIP, including CIP-015-1
- IEC 62443 and IEC 62443-3-3
- CISA Zero Trust Architecture and TSA Security Directives
Honest posture, stated plainly: PacketViper meets CMMC control requirements; formal certification is pursued as required for a given contract. PacketViper operates in FIPS 140-2 mode using a validated cryptographic module. See the full Compliance page for the complete framework list and per-control detail.
Built for Critical Infrastructure and OT
PacketViper is purpose-built for the operational technology environments that keep the public sector running: power, water, fuel, transportation and intelligent traffic systems, manufacturing, and building automation. The platform is agentless and non-disruptive, safe for legacy OT through a transparent bridge deployment with hardware fail-open behavior, and operates air-gapped for contested or disconnected environments.
An independent test at a representative forward operating base validated PacketViper Full Stack AMTD across power, water, fuel, and HVAC segments: 4 of 4 automated attack runs fully contained, unauthorized commands blocked inline in under 2 milliseconds, full fabric-wide isolation of the attacking source in an average of 4 minutes 12 seconds, a 99% reduction in alerts requiring analyst review, and a 0% false positive rate. Results were mapped to DoD Zero Trust for OT and MITRE ATT&CK for ICS. Read the full test results.
Independent performance testing measured 501,496 connections per second and 503,427 events per second with zero packet drops and 2,000,000 concurrent sessions, using a worst-case synthetic new-connection test methodology, with the full security stack active throughout. See the full benchmark methodology and results.
Frequently Asked Questions
Yes. PacketViper is U.S.-owned and U.S.-operated, with a U.S.-citizen staff and no foreign ownership, control, or influence (FOCI).
Yes. PacketViper is available on GSA Schedule and on Army CHESS ITES-SW2, making it orderable by DoD, Army, and Federal agencies through established contract vehicles.
PacketViper meets CMMC 2.0 control requirements across Levels 1, 2, and 3; formal certification is pursued as required for a given contract. See the Compliance page for the full control mapping.
PacketViper operates in FIPS 140-2 mode using a validated cryptographic module.
Yes. PacketViper has been independently tested against DoD Zero Trust for Operational Technology activities and outcomes, with results also mapped to MITRE ATT&CK for ICS. See the forward operating base test results for detail.
Yes. PacketViper is built to operate air-gapped and to survive network partition, for contested and disconnected environments.
See PacketViper on your infrastructure
Request a proof of concept or book a demo to see inline enforcement, compliance evidence, and OT protection against your own environment.
Request a Proof of Concept Book a Demo