01.

PCI Compliance Audit Preparation

You have a PCI Compliance audit, we can guarantee that you will pass with flying colors.

Learn More

02.

Information Security Certified Professionals

Over 30 years of experience in information security and compliance.

Learn More

03.

Secure Coding Specialists

We provide secure coding training and secure website development services.

Learn More

Secure Software Development

VITG can help you reduce the number of vulnerabilities to a level that can be fully mitigated in operational environments by preventing coding errors or discovering and eliminating security flaws during implementation and testing.

Software Security Assurance

VITG's Software Security Assurance Framework (SSAF) encompasses every phase of the product development lifecycle, SSAF is VITG's methodology for building security into the design, build, testing, and maintenance of software.

Information Security and Privacy Program Development and Support

In today’s dynamic threat environment organizations must implement fully integrated cybersecurity programs which balance compliance with the business needs and leverage automation to evaluate information security and privacy risks in near real time.

Open Security Control Assessment Language (OSCAL)

NIST, in collaboration with industry has developed the Open Security Controls Assessment Language (OSCAL). OSCAL is a set of formats expressed in XML, JSON, and YAML. These formats provide machine-readable representations of control catalogs, control baselines, system security plans, and assessment plans and results. In order to accelerate adoption by Federal Agencies and CSPs VITG developed the OSCAL Toolkit.

Payment Card Industry (PCI) Compliance Support

VITG can help any business that stores, processes or transmits cardholder data to be PCI compliant. The PCI Data Security Standard (DSS) can be complex and difficult to manage without certified expertise.

Program/Project Management

VITG's PMI Project Management Professional (PMP) certified resources can help you tackle that most complex and challenging management problems and ensure that all stakeholders are well informed and are part of the solution teams we support.

Enterprise Architecture

A properly designed Enterprise Architecture enables an organization to execute its business strategy and will increase the effectiveness of the firm’s individual business units.

Threat Based Risk Profiling

Informed Risk Management based on analysis of real world threats. VITG implements a standard methodology for scoring cybersecurity capabilities against threat framewoks using real world data to determine which security controls and capabilities are most effectiveto protect detect, and respond to prevalent threats.

Threat Based Risk Profiling Methodology White Paper

426

Compliance Audits and Risk Assessments

22

Consultants

2321

Service Calls

3

Locations

We will always help you to grow your business

Our mission is to provide you the highest quality of service and solutions

We Earn Your Trust Testimonials

Get Up to Date Company News/Press Releases

img

January 28, 2021

VITG Awarded FedRAMP Automation Services Contract

Volpe Information Technology Group (VITG), Inc. a Baltimore based information technology (IT) consulting services firm with a core focus on cyber security has been awarded a two-and-a-half-year prime contract to provide automation services to the General Services Administration (GSA) Federal Risk Authorization Management Program (FedRAMP) program. Under this contract VITG will assist the FedRAMP program with the implementation of cutting-edge solutions to automate the security authorization process, develop threat-based risk profiles for information systems to support security authorization decisions, and implement automation for the monthly continuous monitoring deliverables. For this project, VITG will leverage the National Institute of Standards and Technology (NIST) Open Security Controls Assessment Language (OSCAL). NIST, in collaboration with industry has developed OSCAL as a set of formats expressed in XML, JSON, and YAML. These formats provide machine-readable representations of control catalogs, control baselines, system security plans, assessment plans, and results. Machine readable representation will provide the foundation upon which future automations will be developed. In addition, VITG through the FedRAMP program will work with the Department of Homeland Security (DHS) .gov Cybersecurity Analysis and Review team (.govCAR) to conduct threat-based scoring of NIST Special Publication 800-53 security controls. This effort will rank each security control for its ability to protect, detect, and respond to a series of threat actions based upon real word cyber threat intelligence. Ranking security controls based upon threat will enable threat-based risk profiling and will increase the return on cybersecurity investments made by government agencies and cloud service providers (CSPs).

“We are excited to enter the next chapter in the evolution of our company by providing services to the GSA as a prime contractor. We are honored that the FedRAMP program has entrusted us to assist with these important innovations. This work will drive a culture shift from compliance to informed risk management and will reduce cost while improving the security posture of government information systems."
.

img

July 11, 2017

VITG Awarded GSA IT Schedule 70 Contract

Baltimore, MD – Volpe Information Technology Group (VITG), Inc. a Baltimore based information technology (IT) consulting services frim with a core focus on cyber security has been awarded a General Services Administration (GSA) Information Technology (IT) Schedule 70 contract. The GSA IT Schedule 70 is a long-term contract that will enable VITG to provide services to the government for up to twenty years. Award of a Schedule contract signifies that the GSA has determined that the vendor's pricing is fair and reasonable and the vendor complies with all applicable laws and regulations. Purchasing from pre- approved vendors allows agencies to cut through red tape and receive goods and services faster. Prior to award, VITG underwent a rigorous application process, including the negotiation of fair and reasonable prices, to win a GSA Schedule contract. IT Schedule 70 is the GSA's largest Schedule. “We are excited to enter the next chapter in the evolution of our company by providing services to the government as a prime contractor. Over the past year, VITG has invested heavily in our recruiting and training capabilities to ensure that we can hire and retain the most talented industry professionals. We are well positioned to offer cutting edge cyber security solutions to our federal customers and the acquisition of a GSA IT Schedule 70 represents the logical next step towards accomplishing that goal."

img

October 10, 2016

Tom Volpe Jr. joins VITG as COO

Tom Volpe Jr, CISM, CISSP, PMP has joined the company as Chief Operating Office in support of all company business development and operational projects. We are excited to have Tom join the VITG team and bring his extensive experience and judgement to bear on company business.

Read More
img July 31, 2016

VITG renewed for 3rd straight year at Social Security Administration

Through our partnership with the Coalfire Federal we continue to win work at the Social Security Administration in the areas of Secure Software Development and Information Security Risk Management.

img June 17, 2016
img December 20, 2015

Volpe Systems starts revamp of godowntownbaltimore.com website.

Volpegroup engages to assist the Downtown Partnership of Baltimore with re-vamping and upgrading the godowntownbaltimore.com website.

Read More

Our Partners