Ingalls Information Security - Comprehensive Analysis Report

Summary

Ingalls Information Security, established in 2010, is a cybersecurity firm dedicated to providing mission-focused cybersecurity and compliance solutions, primarily for Department of Defense (DoD) agencies and Defense Industrial Base (DIB) contractors. The company's core mission revolves around securing systems, achieving compliance, and maintaining readiness for its clientele, with a strong emphasis on preventing and responding to data security breaches. Ingalls Information Security upholds a "Team Human" core value, fostering integrity, empathy, and community support. The company significantly contributes to the cybersecurity landscape by specializing in integrated risk management, particularly within the highly regulated defense sector.

1. Strategic Focus & Objectives

Core Objectives

Ingalls Information Security's main business objectives include guiding clients through complex regulatory frameworks such as NIST, CMMC, and FedRAMP. The company supports the full Risk Management Framework (RMF) lifecycle and assists with Authority to Operate (ATO) achievement and continuous monitoring. A key aim is to deliver hands-on cybersecurity and compliance solutions.

Specialization Areas

The company's key areas of expertise include:

CMMC preparation and assessment.

DFARS Compliance expertise.

ATO/RMF support and continuous monitoring.

Internal compliance auditing.

ISSM/ISSO advisory and integration.

Security development and documentation, ensuring packages meet auditor and DoD requirements.

Managed Extended Detection and Response (MXDR).

Incident Response and Breach Remediation.

Cybersecurity assurance and strategic risk advisory.

Ingalls Information Security’s unique value proposition lies in its "hands-on" RMF support, where experts are directly integrated into client workflows, and its "Mission-First Mindset," aligning services with federal program operational demands for mission success.

Target Markets

Ingalls Information Security primarily targets U.S. Department of Defense (DoD) agencies and Defense Industrial Base (DIB) contractors. The company also serves other federal government entities, financial institutions, and non-profit organizations.

2. Financial Overview

Funding History

Ingalls Information Security was founded in 2010. The company generates an estimated annual revenue of $458,507 and has an estimated valuation of $1,500,000. Ingalls Information Security has not raised external funding.

The company has engaged in federal contracts, with awards including $114K in FY2024 (September 24, 2024), $1.50M in FY2024 (July 30, 2024), $184K in FY2024 (March 7, 2024), and $1.39M in FY2023 (September 17, 2023).

3. Product Pipeline

Key Products/Services

CMMC Preparation & Assessment: Services provided by Certified CMMC Professionals (CCP) include readiness evaluations, evidence sufficiency reviews, CUI flow validation, and control implementation verification.

Authorization to Operate (ATO) Support: This involves guiding clients through the RMF lifecycle to achieve and maintain ATO and continuous monitoring for federal security standards.

Cybersecurity Assurance Readiness (CSAR®) Process and Tool (CSAR/RMF Pro tool): A proprietary software solution integral to DoD ATO offerings. It helps streamline RMF implementation, transforms mandatory Air Force forms into manageable sections for quick determination of categorization, baseline controls, and assessment paths. CSAR® also identifies security controls, builds threat matrices, informs risk during application development, and reduces compliance lead time through an agile, DevSecOps approach. It offers a dashboard view for cybersecurity controls and supply chain risk management. Ingalls secured a multi-year, multi-million dollar Small Business Innovation and Research (SBIR) Phase III contract from the US Air Force for its enhancement and maintenance.

Managed Extended Detection and Response (MXDR): This service focuses on the proactive detection and response to cyber threats.

Incident Response and Breach Remediation: Expertise in responding to and managing large data breaches.

ISSM and ISSO Augmentation: Providing advisory and integration services for Information System Security Managers and Officers.

Internal Cybersecurity Compliance & Audit Readiness: Assisting organizations in preparing for compliance audits based on DoD and NIST standards.

Security Development & Documentation: Developing crucial cybersecurity documents such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms) that meet auditor and DoD requirements.

Consulting Services: General cybersecurity consulting provided to federal government, financial institutions, and non-profit organizations.

4. Technology & Innovation

Technology Stack

Ingalls Information Security leverages proprietary technologies alongside industry-standard platforms.

Core Platforms and Technologies: The company's services are built upon a deep understanding of regulatory frameworks, including NIST SP 800-53, DoD 8510.01, CMMC, and FedRAMP baselines. They provide capabilities in Security Operations Center (SOC), Managed Extended Detection and Response (MXDR), and Digital Forensics and Incident Response (DFIR).

Proprietary Developments: The Cybersecurity Assurance Readiness (CSAR®) Process and Tool (CSAR/RMF Pro tool) is a proprietary technology for DoD ATO software offerings.

Technical Capabilities: Ingalls utilizes Cloudflare Bot Management for security, Material Design Lite for UI frameworks, HubSpot CMS Hub for its CMS, Vimeo for video content, and lit-element and lit-html for JavaScript libraries.

5. Leadership & Management

Executive Team

Jason Ingalls - Founder and, following the merger with C3 Integrated Solutions, Chief Cybersecurity Officer of C3 Integrated Solutions. He founded Ingalls Information Security in 2010 after 15 years as a defense contractor in IT and cybersecurity engineering for the U.S. Army and U.S. Air Force.

Brandi Pickett - SVP Government Programs. She has over 15 years of experience supporting federal agencies and defense contractors, establishing the Government Programs department and leading the development of scalable RMF and ATO support models. She is also the architect of CSAR®.

Brad Comfort - Director of Sales.

The broader leadership team at the merged entity, C3 Integrated Solutions, also includes:

Marc Pantoni - Chief Executive Officer.

Ryan Heidorn - Chief Technology Officer.

Bill Wootton - Chief Revenue Officer.

Tim Fedder - Chief Financial Officer.

Recent Leadership Changes

On November 14, 2023, Ingalls Information Security merged with C3 Integrated Solutions. As a result, Jason Ingalls transitioned to the role of Chief Cybersecurity Officer at C3 Integrated Solutions. This merger integrated Ingalls' advanced cybersecurity expertise with C3's managed IT services.

6. Talent and Growth Indicators

Hiring Trends and Workforce

Ingalls Information Security has approximately 21-50 employees, with roughly 9 employees at the entry level, 2 at the director level, and 2 at the manager level. The company has 9 employees across 5 departments, with Information Technology holding 4 and Sales 2. Ingalls prioritizes recruiting top talent in cybersecurity, seeking helpful and innovative individuals who are passionate about delivering cybersecurity solutions. The company is committed to establishing Louisiana as a cybersecurity center of excellence and aims to create 5,000 industry jobs in the state. Its team includes former DoD ISSMs, CISSPs, compliance officers, RMF specialists, security engineers, auditors, program leads with DIB knowledge, military veterans, military spouses, and former government civilians.

7. Social Media Presence and Engagement

Digital Footprint

Ingalls Information Security maintains an active social media presence across platforms such as Facebook, Instagram, LinkedIn, X (Twitter), and YouTube. The company utilizes these channels to disseminate information pertaining to mission-driven cybersecurity for DoD and defense contractors, share resources, case studies, webinars, and press releases. Their messaging emphasizes securing systems, achieving compliance, and maintaining readiness. They also share thought leadership content to address cybersecurity and risk management needs.

8. Recognition and Awards

Industry Recognition

Ingalls Information Security has received significant industry recognition, including:

General Services Administration (GSA) Highly Adaptive Cybersecurity Services (HACS) Contract: Awarded on August 19, 2025, this contract enables Ingalls to provide critical cybersecurity services to government agencies through the GSA Multiple Award Schedule (MAS). These services include Risk and Vulnerability Assessments, Penetration Testing, System Security Engineering, and Security Architecture Reviews.

CMMC Level 2 Certification: Achieved on November 17, 2025, this certification reinforces their commitment to Defense Industrial Base cyber readiness.

U.S. Air Force Software Certification: Ingalls collaborated with Chiral Software to receive a 3-year software certification from the U.S. Air Force on August 28, 2024.

Small Business Innovation and Research (SBIR) Phase III Contract: On May 17, 2022, the US Air Force awarded Ingalls a multi-year, multi-million dollar SBIR Phase III contract for the enhancement and maintenance of its CSAR® tool, designed to support the DoD's mission to field systems at the "speed of innovation."

Authorized SkillBridge Organization.

Accredited Business with an A+ BBB Rating.

Registered Practitioner Organization (RPO).

9. Competitive Analysis

Major Competitors

Ingalls Information Security operates in a competitive landscape with companies offering managed IT services, compliance expertise, and specific DoD cybersecurity support. Prior to its merger, C3 Integrated Solutions was a competitor, but now they operate as a combined entity. Other competitors often include:

Managed Services Providers focused on CMMC compliance.

Cybersecurity risk management firms.

IT service providers catering to federal government and defense contractors.

Firms such as Blackpoint Cyber, Cynet, Rapid7, Fortinet, and Heimdal Endpoint Detection and Response are notable competitors in the broader cybersecurity services market, particularly in managed detection and response (MDR).

Oneconsult and Coinnect are also identified as companies with similar specializations in cybersecurity and incident response.

10. Market Analysis

Market Overview

The cybersecurity market for the DoD and DIB is driven by strict regulatory requirements, including CMMC, DFARS, NIST, and FedRAMP. There is a high demand for specialized expertise in these areas, as defense contractors and government agencies work to protect sensitive information and gain Authority to Operate (ATO) for their systems. The market requires practical support for RMF implementation, continuous monitoring, incident response, and strong security measures integrated into daily operations. The trend is towards comprehensive, integrated solutions that combine cybersecurity, IT management, and compliance, promoting a "security first" approach in a constantly changing threat environment.

11. Strategic Partnerships

Ingalls Information Security's primary strategic partnership is its merger with C3 Integrated Solutions, announced on November 14, 2023. This merger combined Ingalls' expertise in advanced cybersecurity solutions, including Managed Extended Detection and Response (MXDR) and Incident Response, with C3's managed IT services, Microsoft Cloud solutions, and focus on compliance for the U.S. Defense Industrial Base. The combined entity aims to be a leading IT, cybersecurity, and compliance partner for the DIB, delivering comprehensive CMMC compliance services and strengthened DoD ATO software offerings. This collaboration also provides clients with a single source of accountability and cost efficiencies by consolidating IT, cybersecurity, and compliance needs.

12. Operational Insights

Ingalls Information Security differentiates itself through its hands-on approach to RMF support, embedding experts directly into client workflows. Their compliance solutions are meticulously aligned with DoD and NIST standards, including DoD 8510.01, NIST SP 800-53, and FedRAMP baselines. A core operational strength is their "Mission-First Mindset," which ensures services are aligned with the operational demands of federal programs for mission success. The company employs an "ISSM Integrator model" to bridge cybersecurity needs across various command levels, wings, and system owners, operationalizing security at all organizational tiers. Their proven expertise in managing large data breaches and providing consulting to federal government, financial institutions, and non-profit organizations further solidifies their operational capabilities.

13. Future Outlook

Strategic Roadmap

Following the merger with C3 Integrated Solutions, Ingalls Information Security is strategically positioned for growth within the Defense Industrial Base and beyond. The strategic roadmap includes enhancing CMMC compliance services and strengthening DoD ATO software offerings with tools like CSAR/RMF Pro. The combined entity will integrate Ingalls' Security Operations Center (SOC), Managed Detection and Response, and Digital Forensics and Incident Response capabilities into a broader managed services portfolio. The company aims to set new industry benchmarks, adapting to the evolving cybersecurity landscape, and supporting a safer digital future. They will continue to provide innovative solutions tailored to the unique cybersecurity needs of DIB clients and other non-defense customers. The merger reinforces their commitment to being a single managed services partner for all IT, cybersecurity, and compliance needs for DIB members.