Overview
JaMaxwell builds custom applications for federal agencies using agile sprints with integrated security testing at every stage. Our DevSecOps pipelines automate code scanning, container image analysis, dependency checking, and deployment to staging and production environments. Applications are built to meet Section 508 accessibility standards and NIST SP 800-53 security controls from the first sprint.
CMMC 2.0 Requirements
CMMC 2.0 (Cybersecurity Maturity Model Certification) establishes cybersecurity requirements for the Defense Industrial Base. Level 1 requires 17 practices based on FAR 52.204-21. Level 2 requires 110 practices aligned with NIST SP 800-171 Rev 2, protecting Controlled Unclassified Information (CUI). Level 3 requires additional controls from NIST SP 800-172 for critical programs. JaMaxwell helps defense contractors assess their current maturity, remediate gaps, prepare documentation for C3PAO assessments, and maintain ongoing compliance.
Why JaMaxwell
- SBA-certified Woman-Owned Small Business (WOSB)
- Primary NAICS: 541511 (Computer Systems Design Services)
- Security-cleared staff with active federal engagements
- Headquartered in Fairfax, VA, 20 miles from the Pentagon
- Demonstrated CMMC 2.0 assessment and implementation capability