The United States Air Force’s 90th Cyberspace Operations Squadron signed its first technology licensing agreement, selling rights to use their in-house malware and software vulnerability detection code to entities in the private sector.
The program, named Whiddler, functions differently from traditional anti-malware software which scans programs to create a signature that is then contrasted against a database of malicious software’s signatures. As these databases are manually updated after new malicious software is identified, traditional anti-malware software remains vulnerable to new unidentified attacks not yet included. Whiddler scans files looking for suspicious elements and calculates the probability of whether they may be malicious.
While the news resurfaced recently, the first of two agreements was signed back in December of 2020, the second in May of this year. These two agreements mark the first for any organization under the 16th Air Force.
Along with licensing the software, the US Air Force signed a cooperative research and development agreement (CRADA) with its first customer, while one is in the works with the second company, according to officials. The the USAF kept the names of the two companies and the total values of the contracts undisclosed.
Under the terms of the agreement, the companies will be able to modify the code of Whiddler and resell it to customers in the private sector, while the Air Force continues to enjoy access to the newly updated code. The Air Force is hoping this approach would spare them the cost of marketing the software, whilst also increasing the security of electronic infrastructure overall in the country.
Rebecca Lively, deputy director of the 90th Squadron, told press that this approach gives them “the ability to improve our technology that maybe we ourselves are no longer maintaining,” in an interview. “Through that cooperative agreement, we are able to reap the benefits of those improvements at no cost to the government or at least to now cost to our unit.”