Loading...
Our Services
Learn More
We're a service-disabled, veteran-owned, HUBZone certified, small business, headquartered in Huntsville, Alabama, that provides cybersecurity and information assurance services and support.

Our Services

H2L strives to deliver the best security posturing in a package that is amiable and knowledgeable.






  • Red Team Services
  • External Penetration Tests​
  • Internal Penetration Tests​
  • Web Application Tests​
  • Social Engineering Campaign​
  • Phishing Campaign​
    • Executive Report​
    • Technical Report
      • Mitigation Strategies​
      • Technical Recommendations
  • On-Site Pre-Inspections
  • Automated and Manual STIG Checklists​
  • Recommendations for Mitigation or Remediation​
  • SCAP, ACAS/Nessus Scans​
  • Personnel Interviews​
  • Physical Security Walk-Throughs​
  • eMASS Subject Matter Expertise​
  • Documentation Review​
  • Review of Self-Assessment of Controls​
  • Risk Assessment Workbook (RAW)
  • Identify Security Requirements
  • Implement Best Practices
  • Product and Application Development
  • Implementation of SDLC Models to Manage Engineering Projects​
  • Troubleshoot, Debug, and Implement Software Code​
  • Meet Software Assurance Requirements
  • CMMC Level 3 Pre-Assessment Services
  • Compliance Gap Analysis​
  • CUI Scoping Assistance​
  • Policies, Procedures, and Plan Documentation Development
  • System Security Plan (SSP) Development
  • Customer Responsibility Matrix Development
  • Continuous Monitoring Strategy Development
  • CMMC Assessment Prep and Documentation Inventory Review
  • Compliance GAP Analysis​
  • Policies and Plan Documentation Development​
  • CUI Data Classification & Management​
  • Cyber Incident Response Plan Development
  • Subcontractor Compliance Management
  • NIST 800-171 Implementation
  • Vulnerability Assessment
  • Security Consulting
  • RMF Categorization Guidance​
  • Migration from DIACAP to RMF​
  • RMF Implementation Plan​
  • Risk Assessment​
  • Package Creation​
    • Artifact Development​
    • System Security Plan​
    • STIG Implementation​
    • IAVA updates
  • eMASS Navigation
  • POA&M Management
  • Service during Design, Construction, and Commissioning​
  • Implementation of UFC 4-010-06​
  • Unified Facilities Guide Specifications (UFGS) Tailoring for Facility-Related Control Systems (FRCS)​
  • Security Controls Selection and CCI Lists​
  • Policies and Plans (e.g. SSP, POA&M, SAP)​
  • Equipment Hardening​
  • Scans and Checklists​
  • Performance and Functional Testing