Tangible Labs

The mission of Tangible Labs is to create innovative, next-generation technology solutions for the cyber security enterprise, developing prototypes and tools and generally advancing the body of knowledge in the cyber security field.

This research and development center for excellence discovers and reports on evolving cyber security issues threatening American enterprise and government. The Labs also serve as an educational platform for Tangible’s experts to help shape the discussions, debates, standards, and thinking on these critical problem areas.
Tangible Labs’ cyber security experts:
  • Support key classified government projects
  • Train those training tomorrow’s cyber security professionals
  • Identify vulnerabilities before they can be exploited by hackers
  • Pursue practices that help the enterprise be more cyber resilient to sophisticated attacks


Our software has passed the most rigorous security reviews of the defense and intelligence communities.

DoD Global Directory Services

In addition to architecting, deploying, and maintaining this vital infrastructure, we developed software called PKIManager, CRLRetrieval, and LiveUpdate to greatly improve the availability, scalability, and usability of the DoD PKI.

DoD Visitor

Software running on domain controllers that auto-provisions Active Directory user accounts for people with DoD Common Access Cards (CAC) when they wish to logon to a workstation where they lack an account.

PKI in a Box

General purpose PKI for non-Federated use-cases: enterprise authentication; secure access by temporary workers


Similar to DoD Visitor, with added support for Federal PIV cards, mitigation for pass the hash attacks, and more.


ProV helps eliminate the frequent inconvenience to Federal personnel of finding they cannot enter Federal buildings or portions thereof.


We develop tools and best practices to help our clients secure both their networks and their products.


A customized version of Ubuntu with the tools we use for firmware analysis. 


A firmware analysis framework that automates the extraction, inspection and analysis of firmware for potential vulnerabilities.

Virtual Penetration Test (VPT)

A cloud-based system that enables our penetration testers to remotely and securely conduct a cyber security assessment of a client network.


Ongoing research that yields practices and templates that aide small and medium enterprises mature their security programs.

{loadmodule mod_inlinecustom,Custom Inline HTML}