VirnetX Holding Corporation has secured DD Form 2345 certifications for its Zephyr Cove, Nevada, and Farmington, Utah facilities, marking a pivotal milestone in the company’s deliberate shift from a broad commercial focus to a targeted partnership role with the U.S. Department of Defense (DoD) and the Intelligence Community (IC). The certification, issued through the DoD’s Joint Certification Program, validates VirnetX’s capacity to handle and share unclassified technical data with military or space applications that are regulated under export-control regimes. This achievement reinforces the company’s commitment to national security, bolsters its credibility as a trusted defense-grade technology provider, and positions its zero-trust platform and security services for broader engagement in defense programs, including those requiring access to controlled data.
DD Form 2345, or the Militarily Critical Technical Data Agreement, is a formal certification that enables organizations to access and use critical technical data tied to military or space applications under export control regimes. This registration underpins the DoD’s and IC’s confidence that a contractor can safeguard sensitive information and manage controlled data securely throughout the project lifecycle. The certification is a gatekeeper credential: it makes possible collaboration on classified or controlled data initiatives, participation in defense-related research and development, and eligibility to bid on government contracts where access to controlled data is a prerequisite. In VirnetX’s case, the certification signals not only a strong security posture but also an operational readiness to work across environments—on-premises, cloud, and hybrid—while maintaining rigorous data protection protocols.
The DD Form 2345 is thus more than a compliance checkbox; it is an enabler of scale in defense and intelligence work. For a technology company pursuing heightened access to national-security programs, the certification translates into tangible opportunities to engage in classified projects, contribute to defense initiatives, and compete for government contracts that depend on controlled data handling capabilities. In practical terms, VirnetX’s DD Form 2345 status provides the governance framework and trust necessary for DoD and IC program managers to consider the company for legitimate, mission-critical assignments that require access to sensitive information in a controlled and auditable manner. It also signals to potential partners and subcontractors that VirnetX adheres to the rigorous standards expected of practitioners delivering secure communications, resilient networks, and high-assurance cybersecurity solutions in high-stakes environments.
For VirnetX, the path to these certifications aligns with its broader strategic pivot to defend-focused capabilities. The company is known for its patented zero-trust network access (ZTNA) approach, secure domain name registry, and its flagship VirnetX One platform, along with complementary products such as War Room and VirnetX Matrix. These offerings are designed to deliver device- and location-agnostic secure real-time communications, which are especially critical for defense operations that span disparate domains, including land, sea, air, space, and cyber. By embedding secure communications with its Dynamic Trust Evaluation, VirnetX emphasizes resilience and adaptability in networks that must sustain high levels of reliability under adverse conditions. The DD Form 2345 certification corroborates that these capabilities can be leveraged in defense contexts where data integrity, confidentiality, and controlled access are non-negotiable.
Beyond the core product suite, VirnetX highlights its Digital Engineering services as part of the defense-oriented pivot. The company’s offerings emphasize Model-Based Systems Engineering (MBSE) processes, cyber threat intelligence, and cyber threat assessments that align with DoD Digital Engineering strategies. In practice, MBSE enables a structured approach to describing complex defense systems through digital models, enabling more effective design, analysis, and verification across lifecycles. The combination of secure communications, dynamic trust mechanisms, and MBSE-enabled engineering methodologies forms a cohesive value proposition for DoD and IC programs that demand rigorous program management, traceability, and model-driven development. VirnetX’s emphasis on secure, flexible communications, integrated with model-based engineering, is designed to support mission-critical applications that require seamless collaboration across sensors, platforms, and command-and-control ecosystems.
To summarize the significance of the DD Form 2345 certification in VirnetX’s narrative: it is a formal acknowledgment that the company can responsibly manage controlled data, support advanced defense applications, and participate in programs with stringent security requirements. It underscores a strategic shift toward defense and intelligence work, expanding the company’s potential addressable market and enabling collaboration on projects that demand high security, resilience, and trusted IT architecture across multiple domains.
About VirnetX
VirnetX Holding Corporation stands at the intersection of Internet security software and advanced technology, specializing in patented Zero Trust Network Access (ZTNA) and secure network communications. The company’s portfolio includes Secure Domain Name Registry, the VirnetX One platform, and products like War Room and VirnetX Matrix, all designed to be device- and location-agnostic, enabling secure real-time communications for U.S. defense, intelligence, and government agencies, as well as enterprise applications and critical infrastructure. VirnetX also offers Digital Engineering services, including Cyber Threat Assessment and Model-Based System Engineering processes, to align technology outcomes with defense strategies and digital innovation imperatives. The company’s offerings emphasize resilient, secure communications across on-premises, cloud, and hybrid environments, supporting defense and government mission needs while enabling secure enterprise operations in parallel. The overarching goal is to provide secure, adaptable, and scalable solutions that protect sensitive data and critical communications in complex, multi-domain contexts.
Forward-Looking Statements and Risk Disclosures
This release should be read in conjunction with the company’s filings with the Securities and Exchange Commission. The statements herein may constitute forward-looking statements within the sense of applicable securities laws. Forward-looking statements are based on management’s current expectations, estimates, assumptions, and beliefs about future events and conditions. They include, among other things, expectations regarding expansion in the defense sector, the company’s aspirations to become a dedicated partner for the U.S. DoD and IC, the impact of government certifications, and opportunities to participate in classified projects, collaborate on defense initiatives, and bid on government contracts that involve controlled data. Any forward-looking statement speaks only as of the date on which it is made, and VirnetX undertakes no obligation to update or revise any such statements, whether as a result of new information, future events, or otherwise. Risks and uncertainties that could cause actual results to differ materially from expectations include, but are not limited to, the outcomes of regulatory reviews, changes in DoD procurement policies, shifts in export-control regimes, competition within defense contracting, budget cycles, and other factors described in the company’s SEC filings, including the annual report on Form 10-K filed on a prior date. The company cautions readers against placing undue reliance on these forward-looking statements and notes that it cannot predict all risks or factors that may affect future results. Readers should consider these statements in light of all risk factors described in the SEC filings. No obligation to update is assumed unless required by law.
Section I: Understanding the DD Form 2345 Certification and Its Strategic Context
The Militarily Critical Technical Data Agreement, commonly referred to as DD Form 2345, represents a formal recognition by the U.S. Department of Defense that an organization has the requisite secure-coding practices, data-handling procedures, and governance to access and manage technical data with military or space applications subject to export controls. The certification is issued under the umbrella of the DoD’s Joint Certification Program, which coordinates the assessment and accreditation of contractors who need access to controlled data necessary for the development, maintenance, or operation of defense systems. Achieving DD Form 2345 requires a rigorous evaluation of an organization’s information security posture, supply chain integrity, personnel screening practices, and physical-security controls at designated facilities. The certification process also encompasses compliance with regulations that govern export controls under the Export Administration Regulations (EAR) or the International Traffic in Arms Regulations (ITAR), ensuring that unclassified technical data with sensitive implications is handled in a way that protects national security.
The practical implications of DD Form 2345 are multi-layered. First, it enables the holder to receive, process, store, and transmit unclassified but controlled data that has direct relevance to defense or space applications. Second, it allows for collaboration on projects that require access to such data, including design reviews, system integration tasks, and joint development efforts with other DoD or IC participants. Third, it facilitates eligibility to bid on government contracts wherein the success criteria include controlled data handling capabilities. This combination of access, collaboration, and competitive opportunity is particularly valuable for technology firms that bring advanced capabilities such as secure communications, cryptographic resilience, and threat-intelligence-driven defense solutions.
From an operational standpoint, possession of DD Form 2345 signals to program managers and procurement officials within the DoD and IC that the organization has established strong governance around data handling, breach minimization, and compliance with federal security mandates. The certification serves as a gateway, reducing friction for contractors who would otherwise face extended security-clearance processes or data-handling restrictions for projects that rely on controlled data. In VirnetX’s case, the certification complements its portfolio of zero-trust solutions by providing an auditable framework for the secure exchange and preservation of technical data across distributed environments. This is especially critical for systems that span on-premises data centers, private clouds, and public cloud environments, where the risk surface for data leakage or manipulation can be higher if data-handling controls are not robustly enforced.
The DoD’s reliance on Joint Certification Program standards means that certified organizations participate in ongoing oversight and periodic recertification, ensuring continuing alignment with evolving security baselines and export-control policies. For VirnetX, the two facilities in Zephyr Cove and Farmington are key geography anchors that enable secure data exchanges across multiple defense programs. This geographic spread supports continuity of operations, redundancy, and access to a broader network of defense-related collaborators, all while maintaining the stringent security controls expected by DoD and IC customers. The certification also complements VirnetX’s broader strategy of integrating secure communications with digital-engineering methodologies, enabling a more seamless transition from defense concept to system design, development, and deployment across air, land, sea, space, and cyber domains.
Section II: VirnetX’s Strategic Pivot Toward the DoD and IC
The company’s public communications underscore a deliberate shift from a primarily commercial technology provider toward a dedicated partner role with the DoD and IC. This strategic pivot reflects a recognition that the contemporary national security landscape increasingly demands advanced, resilient, and adaptable security architectures that can operate across heterogeneous environments and evolving threat vectors. VirnetX’s emphasis on zero-trust security, secure communications, and MBSE-enabled engineering positions it to contribute to mission-critical programs that demand a high degree of assurance. The DoD’s Digital Engineering strategy seeks to unify development processes, reduce risk, and accelerate delivery by leveraging models, digital threads, and integrated data environments. VirnetX aligns its product suite and services to support these objectives, offering solutions and services designed to integrate with digital engineering workflows while preserving core security guarantees.
A core element of this pivot is the expansion of VirnetX’s offerings beyond standalone security products to a broader ecosystem that includes Digital Engineering services. The company’s MBSE capabilities facilitate formalized representations of complex defense systems through digital artifacts that support traceability, simulation, and verification across lifecycle stages. This is particularly valuable in defense programs that must demonstrate compliance with stringent requirements, perform rigorous verification and validation, and maintain auditable records of design decisions. The combination of secure communications with model-driven engineering creates a cohesive framework for defense programs: communications remain protected as data evolves through design iterations, test scenarios, and system integration activities.
Another dimension of the pivot is the realignment of go-to-market strategies toward government procurement channels, subcontracting opportunities, and partnerships with defense contractors and system integrators. The deployment of DD Form 2345 at two strategically placed facilities signals a readiness to engage with DoD and IC stakeholders in meaningful ways, including participation in programs that require controlled data handling and secure collaboration. The Zephyr Cove facility, situated in a region with proximity to DoD-related infrastructure, and the Farmington facility, positioned to support national-security-focused initiatives in another geostrategic corridor, collectively broaden VirnetX’s potential access to defense programs. The geographic distribution also fosters redundancy and continuity in operations while enabling closer engagement with early-stage opportunities and pilot projects.
A further dimension of the strategic shift is VirnetX’s emphasis on defense-oriented applications for its patented zero-trust platforms. Its products are designed to deliver secure, resilient communications across diverse environments, including on-premises data centers, cloud environments, and hybrid configurations. This capability is essential for mission-critical defense applications such as command and control, battle management, and multi-domain sensor orchestration, where secure and reliable data exchange is non-negotiable. The Dynamic Trust Evaluation mechanism embedded in VirnetX’s architecture adds a layer of continuous trust assessment, enabling adaptive policy enforcement as the network state evolves and as threat signals change. By embedding trust evaluation directly into its platforms, VirnetX aims to provide defense operators with real-time visibility into risk levels and actionable controls to mitigate threats quickly.
The broader significance of the pivot lies in the alignment with DoD and IC priorities around digital modernization, secure communications, and rapid innovation under controlled data rules. VirnetX’s strategic narrative positions the company to capitalize on the DoD’s digital engineering initiatives, which emphasize model-based engineering, simulation-driven verification, and data-driven decision-making across development and operations. In this context, VirnetX’s security architecture, MBSE capabilities, and threat intelligence services are not simply adjunct features but integral components of a holistic approach to defense-ready solutions. The company’s portfolio is framed as a comprehensive ecosystem that can deliver secure communications, data-driven insights, and engineering rigor, all aligned with the DoD’s pursuit of resilient, adaptable, and secure systems across multi-domain operations.
Section III: Defense-Ready Product Portfolio and Capabilities
VirnetX’s technology portfolio includes a suite of offerings designed to secure communications, enable flexible deployment across environments, and support defense-specific use cases. The Secure Domain Name Registry underpins identity and routing integrity, ensuring that domain-level control remains coherent and trustworthy in environments where spoofing or tampering with domain names could compromise critical operations. VirnetX One, the company’s flagship platform, provides a core set of zero-trust networking capabilities that enable secure remote access, device-agnostic connectivity, and protection against data leaks in complex enterprise and government networks. War Room and VirnetX Matrix extend the portfolio into collaboration and orchestration, delivering secure spaces for coordination and real-time, multi-party engagement across distributed teams and systems.
A central feature across the product family is device- and location-independence, meaning that security policies and trusted connectivity persist as users move across devices and geographic locations. This attribute is essential in defense contexts where personnel and assets are distributed across land, sea, air, and space platforms. Security remains intact even as users switch networks or enter contested environments. The platforms are designed to support secure real-time communications for command sequences, battle management activities, and multi-domain sensor coordination, where timeliness and integrity of data are paramount.
Integrated with these core products is VirnetX Dynamic Trust Evaluation, a mechanism that continuously assesses trust conditions and adapts access controls in response to changing threat landscapes. This capability is particularly relevant in defense environments where the risk posture can change rapidly due to emerging cyber threats or operational contingencies. The Dynamic Trust Evaluation framework supports policy enforcement that is both agile and enforceable, helping to reduce lateral movement, contain breaches, and preserve mission-critical operations even under adverse conditions.
Beyond secure communications, VirnetX emphasizes Cyber Threat Intelligence services that empower defense leaders with proactive insights. These services—ranging from threat assessments to intelligence-driven defense planning—provide actionable recommendations to preempt adversary movements, anticipate vulnerabilities, and shape defensive postures before incidents manifest. In practice, the combination of secure communications, trusted networks, MBSE-driven design, and threat intelligence forms a robust defense-in-depth approach that can be tailored to specific DoD programs, platforms, and mission contexts.
The portfolio’s defense-readiness is complemented by Digital Engineering services that align with DoD’s modernization priorities. Modeling, simulation, and systems engineering workflows are integrated to support design decisions, risk management, and performance optimization across complex integrated systems. This alignment is not merely additive; it represents a strategic synthesis of security, engineering rigor, and data-driven decision-making designed to meet the DoD’s expectations for modern, cyber-resilient defense capabilities. VirnetX emphasizes interoperability and scalability, ensuring that its platforms can operate with other defense systems, data warehouses, and sensor networks while maintaining the highest levels of security and trust.
In practice, these capabilities enable VirnetX to target defense applications across multiple domains. In land operations, secure communications support command and control and mission-planning activities; in sea operations, resilient connectivity supports vessel coordination and logistics; in air operations, real-time data exchange and secure control surfaces strengthen air defense and mission execution; in space, the ability to protect critical space-derived data and maintain trusted links to satellites and ground stations is essential; and in cyber domains, threat intelligence and rapid response capabilities contribute to an integrated defense posture. The defense-oriented product suite is designed to meet the stringent security, reliability, and performance requirements that characterize DoD programs, while preserving the flexibility required to respond to evolving mission needs and technological advances.
Section IV: Digital Engineering and Model-Based Systems Engineering for DoD Alignment
VirnetX positions its Digital Engineering services as a core differentiator that complements its secure communications capabilities. Model-Based Systems Engineering (MBSE) replaces traditional document-centric approaches with model-centric workflows that enhance traceability, collaboration, and risk management throughout system lifecycles. MBSE supports DoD goals of digital modernization by enabling engineers, analysts, and program managers to work from shared digital representations of systems, data flows, interfaces, and performance requirements. This approach improves the ability to simulate, verify, and validate system behavior before fielding, reducing costly late-stage changes and increasing confidence in program outcomes.
The Digital Engineering services offered by VirnetX include Cyber Threat Assessments, which provide structured analyses of adversary capabilities and potential attack scenarios relevant to defense systems. By combining threat intelligence with engineering data, VirnetX helps clients prioritize mitigations and design decisions that harden systems against cyber intrusions while preserving necessary functionality. The MBSE processes facilitate alignment with DoD Digital Engineering strategies, which emphasize a digital thread that connects design concepts to manufacturing, deployment, and sustainment activities across the system’s life cycle. This connection enables end-to-end traceability of requirements, design decisions, test results, and field performance, which is critical for defense programs that demand rigorous verification and validation, safety assurance, and strict configuration management.
These digital-engineering capabilities enable VirnetX to participate in complex DoD programs that require dependable system integration across multiple platforms and domains. The MBSE-driven capability supports cross-domain sensor fusion, secure data exchange, and the orchestration of mission-critical information flows in a coordinated manner. It also enables the company to contribute to the DoD’s broader modernization initiatives by providing model-based designs that can be iterated, tested, and improved in simulated environments before deployment. The dual emphasis on secure connectivity and rigorous engineering discipline creates a compelling value proposition for DoD and IC customers seeking integrated, auditable, and scalable solutions that can evolve with mission requirements and technology trends.
Section V: Security, Compliance, and Data Handling Across Environments
VirnetX’s approach to security is central to its value proposition for defense programs. The company’s architecture is built around zero-trust principles, which assume no implicit trust for any device, user, or network boundary. This approach requires continuous verification of identity, device posture, and authorization for every access attempt, regardless of location. By combining ZTNA with Dynamic Trust Evaluation, VirnetX provides adaptive control mechanisms that respond to evolving risk signals, enabling defense operators to enforce least-privilege access, segment networks, and restrict sensitive data flows as conditions change. The security model is designed to operate across on-premises data centers, cloud environments, and hybrid configurations, ensuring consistent policy enforcement and data protection regardless of where systems reside.
Data handling in controlled environments—where access to military or space-related information is regulated—requires robust governance and compliance with export-control laws. VirnetX’s DD Form 2345 certification is integral to this capability, as it demonstrates that the company has implemented the policies, procedures, and controls necessary to protect sensitive information in accordance with EAR and ITAR frameworks. The infrastructure supports secure data ingress and egress, data-at-rest protection with robust encryption, and stringent access controls that are auditable and auditable to DoD requirements. Physical security of facilities, personnel clearance procedures, and supply-chain integrity forms part of the overall security posture, ensuring that both digital and physical dimensions of the organization meet defense expectations for handling controlled data.
In practice, the security design supports critical use cases such as command-and-control message exchanges, secure battle management information sharing, and multi-domain sensor data coordination. The ability to maintain secure, continuous operation under potentially contested conditions is a key differentiator for VirnetX’s defense-oriented offerings. The company emphasizes resilience—ensuring that networks can withstand disruption, maintain communications, and recover rapidly—while preserving the confidentiality, integrity, and availability of data across the system. The security architecture also emphasizes vulnerability management, incident response readiness, and routine security assessments that align with federal expectations for defense contractors operating with controlled data.
Section VI: Operational and Market Implications of the Certification
The DD Form 2345 certifications for VirnetX’s Zephyr Cove and Farmington facilities carry meaningful implications for the company’s operations and market positioning. First, they enable do-it-yourself and collaborative opportunities to engage in classified projects or projects with data restricted under export-control regimes. This expands VirnetX’s potential pipeline in defense and intelligence programs that require access to controlled data and strict data-handling protocols. The certifications reduce barriers to entry for government bids and partnerships, providing a credible signal to DoD program offices, prime contractors, and defense integrators about the company’s readiness for mission-critical tasks.
Second, the certifications support broader government collaboration, enabling VirnetX to participate in defense programs that demand secure communications, MBSE-driven systems engineering, and threat-intelligence-driven defense planning. The company’s digital engineering capabilities and MBSE processes align with DoD modernization goals by enabling efficient design, validation, and deployment of secure systems across multi-domain operations. This alignment is particularly relevant for projects focusing on command-and-control architectures, battle management systems, and cross-domain sensor networks that require secure interoperability and robust governance.
Third, the certifications have strategic implications for workforce development and capacity planning. Engaging with DoD and IC programs often entails considerable program-management discipline, governance maturity, and specialized security training. VirnetX’s approach to MBSE, cyber threat intelligence, and secure communications requires a workforce with deep expertise in security engineering, risk assessment, and model-based engineering. The two facilities can attract talent with government-friendly credentials and environments designed to support secure, mission-focused work. The expanded opportunity set could also stimulate partnerships with defense contractors, system integrators, and government laboratories, enriching the company’s ecosystem and expanding its capabilities through collaboration.
From a market perspective, the certification deepens VirnetX’s competitive differentiators in the defense domain. The combination of a patented zero-trust architecture, secure communications platforms, MBSE-enabled engineering, and threat intelligence services provides a differentiated value proposition in a defense market that increasingly emphasizes secure data handling, cross-domain interoperability, and rapid modernization. The certifications also position the company to respond to evolving DoD priorities, including those related to digital engineering, secure collaboration across domains, and integrated cyber defense services. In sum, the certifications are not only a validation of current capabilities but also a catalyst for broader engagement with government programs, expansion of the defense-oriented product footprint, and continued investment in security, engineering rigor, and threat intelligence.
Section VII: Partnerships, Collaboration, and Strategic Outlook
VirnetX’s move into the DoD and IC space through the DD Form 2345 certifications signals a broader strategic intent to cultivate partnerships across the government, defense contractors, and system integrators. By establishing secure facilities and process foundations capable of handling controlled data, VirnetX creates a platform for collaborations that can extend beyond a single program to a network of engagements within the defense ecosystem. The company’s emphasis on digital engineering and MBSE positioning invites collaboration with other defense technology companies, academia, and government research entities to develop joint solutions that incorporate model-based design, secure data exchange, and cyber threat intelligence.
In the near term, the defense market presents opportunities in areas such as secure battlefield communications, cross-domain sensor coordination, and resilient command-and-control information flows. VirnetX’s technology stack—ZTNA, secure domain management, multi-domain security features, and threat intelligence—could be leveraged as a foundational layer for integrated defense systems that require secure connectivity and rapid decision-making across distributed assets. The company’s ongoing alignment with the DoD’s Digital Engineering strategy further enhances its attractiveness as a partner capable of contributing to modern defense programs that rely on digital threads and model-based design.
Nonetheless, VirnetX faces challenges inherent to defense contracting. The procurement environment is characterized by long cycles, complex compliance requirements, and the need to demonstrate consistent performance across multi-year programs. Budget fluctuations, regulatory changes, and evolving export-control policies can influence program prioritization and funding. The company’s growth will depend on its ability to maintain robust security postures, sustain continuous improvement in MBSE practices, and deliver mission-critical outcomes within stringent schedules and performance criteria. The defense landscape also involves competition from established defense primes and other technology companies pursuing similar opportunities, making differentiation through security, engineering rigor, and data-management capabilities essential for success.
Section VIII: Forward-Looking Statements, Risks, and Regulatory Disclosures
The company’s forward-looking statements reflect current expectations regarding expansion in the defense sector, becoming a dedicated partner to the U.S. DoD and IC, and the anticipated impact of government certifications on its ability to participate in classified projects, defense initiatives, and government contracts. These statements are based on management’s beliefs as of the date of the release and are subject to assumptions, risk factors, and uncertainties that could cause actual results to differ materially. The risks include, but are not limited to, regulatory developments, changes in government procurement practices, export-control policy shifts, and the overall pace of defense modernization. Additional risk factors are described in the company’s SEC filings, including the most recent annual report on Form 10-K, which outline the company’s exposure to market dynamics, competition, technology risk, and other factors that could influence future results. The company cautions readers that forward-looking statements should not be relied upon as guarantees of performance and that actual results may differ due to various factors beyond management’s control.
Conclusion
VirnetX’s attainment of DD Form 2345 certifications for its Zephyr Cove, Nevada, and Farmington, Utah facilities marks a decisive inflection point in the company’s strategy and execution. By validating its capacity to handle controlled, militarily relevant data and by aligning its security posture with DoD and IC requirements, VirnetX positions itself to contribute meaningfully to defense modernization efforts and mission-critical programs. The certification supports the company’s pivot toward defense-oriented solutions, including its patented zero-trust platforms, MBSE-enabled Digital Engineering services, and threat intelligence capabilities, all designed to ensure secure communications, resilient networks, and model-driven system development across land, sea, air, space, and cyber domains. This milestone strengthens VirnetX’s credibility as a trusted partner capable of delivering secure, scalable, and interoperable solutions in high-stakes environments while expanding opportunities to engage with government programs that rely on controlled data handling and rigorous security governance. As VirnetX continues to execute on this strategic path, the company’s integrated approach—combining secure communications, engineering rigor, and intelligence-driven defense capabilities—positions it to participate in critical DoD initiatives, contribute to national security, and support defense transformation in a rapidly evolving threat landscape.