The US Department of Homeland Security (DHS) has penned a cybersecurity contract with HP worth up to $32.4million – said to be the largest acquisition of software security assurance tools worldwide.

The deal comes under the DHS Continuous Diagnostics and Mitigation(CDM)government-wide Blanket Purchase Agreement (BPA).

HP captured the largest portion of the first task order awarded under the DHS CDM programme to provide software security product licenses for 33 US federal civilian government agencies.

The original $6 billion CDMBPA, awarded in August 2013, includes 17 vendors.

Developed in response to the expanding landscape of cyber threats, the DHS CDM programme was established to enable government agencies to cost-effectively identify and mitigate network, system and software vulnerabilities. The five-year, multivendor program is designed to help the government address the rising volume and complexity of cyber threats.

"In today’s technology-based society, there is nothing more important than protecting our nation’s cyberspace so citizens will have continuous and secure access to services," said Al Kinney, VP, Cybersecurity Solutions Group, US Public Sector, HP Enterprise Services. "As one of the first companies to begin work under the CDM program, HP is well positioned to help agencies enhance their security arsenal by performing analysis, reporting and threat mitigation on their core software assets."

With cybercriminals working harder and smarter to gain access to sensitive data, organisations must stay ahead of evolving threats and take proactive steps to facilitate the security of mission-critical applications. Under this award, HP will provide licenses for two industry-leading enterprise security solutions that will be used to address the application security requirements with the CDM programme, including:

– HP WebInspect, an automated web application security and penetration testing tool, mimics real-world hacking attacks and will enable agencies to thoroughly analyse their complex web applications and services for security vulnerabilities.

– HP Fortify Static Code Analyzer (SCA) scans source code to identify the causes of software security vulnerabilities,then correlates and prioritizes results, giving agencies guidance to close security gaps at the code level.