Adapt Forward, LLC (N6523624R3026)

Case: B-424006 Agency: Department of the Navy : Naval Information Warfare Systems Command Date: 2026-02-18 Denied
View full decision with AI analysis on ProtestIntel →
B-424006 Feb 18, 2026 Jump To VIEW DECISION DOWNLOADS RELATED PAGES GAO CONTACTS Highlights Adapt Forward, LLC, of Charleston, South Carolina, protests the issuance of a task order to 3ReSen, LLC, of Mechanicsville, Virginia, under request for proposals (RFP) No. N6523624R30260004, issued by the Department of the Navy, to support the Naval Information Warfare Center (NIWC) Atlantic's Cybersecurity Service Provider (CSSP) team. The protester--the incumbent contractor--asserts that the agency unreasonably evaluated the awardee's technical proposal. We deny the protest. View Decision DOCUMENT FOR PUBLIC RELEASE The decision issued on the date below was subject to a GAO Protective Order. This redacted version has been approved for public release. Decision Matter of: Adapt Forward, LLC File: B-424006 Date: February 18, 2026 Lewis P. Rhodes, Esq., and Thomas K. David, Esq., Reston Law Group, LLP, for the protester. Paul Hawkins, Esq., and Callie M. Loveland, Esq., Gentry Locke, for 3ReSen, LLC, the intervenor. Scott J. McGuigan, Esq., and Christian J. Flask, Esq., Department of the Navy, for the agency. Kenneth Kilgour, Esq., and Heather Weiner, Esq., Office of the General Counsel, GAO, participated in the preparation of the decision. DIGEST 1. Protest that the agency unreasonably evaluated the awardee's technical proposal is denied where the record demonstrates that the evaluation was reasonable and consistent with the solicitation. 2. Allegation that the agency unreasonably determined that the awardee's proposal provided a contract reference for the prime contractor is denied where the record demonstrates that the evaluation was consistent with the solicitation and procurement law and regulation. DECISION Adapt Forward, LLC, of Charleston, South Carolina, protests the issuance of a task order to 3ReSen, LLC,[1] of Mechanicsville, Virginia, under request for proposals (RFP) No. N6523624R30260004, issued by the Department of the Navy, to support the Naval Information Warfare Center (NIWC) Atlantic's Cybersecurity Service Provider (CSSP) team. The protester--the incumbent contractor--asserts that the agency unreasonably evaluated the awardee's technical proposal. We deny the protest. BACKGROUND The Navy issued the solicitation on March 3, 2025, as a small business set-aside pursuant to Federal Acquisition Regulation (FAR) subpart 16.5, seeking proposals from holders of the Navy's seaport-next generation (SeaPort-NxG) indefinite-delivery, indefinite-quantity (IDIQ) multiple award contact. AR, Tab 4, RFP amend. 0004 (RFP) at 141. The RFP advised offerors that the Navy would issue a cost-plus-fixed-fee/level of effort task order to the offeror whose proposal, conforming to the solicitation, was determined to be technically superior and whose price was determined to be fair and reasonable based on a cost/price analysis. Id. at 4, 141. The two non-cost evaluation factors were technical capability and staffing plan; the technical capability factor was significantly more important than the staffing plan factor. Id. at 141. There was no tradeoff between the non-cost factors and cost/price. Id. Under the technical capability factor, the RFP advised offerors that the Navy would evaluate offerors' corporate experience under four subfactors: managing of network architecture, identifying and reporting cyber events, customization of security incident and event management (SIEM) tools, and purple teaming.[2] Id. at 143-144. Offerors were required to “submit data on current contracts performed by the offeror and each proposed significant subcontractor (if applicable) for efforts relevant to the requirements of this RFP.” Id. at 134. The RFP reiterated: “At least one (1) current and relevant contract reference shall be submitted by the prime contractor and each significant subcontractor[,]” up to a total of no more than five references. Id. The RFP defined current as performed within 5 years of the date of solicitation issuance; relevant was defined as “similar to the requirements of this RFP.” Id. As relevant to this protest, the RFP contained the following evaluation criteria under the managing of network architecture subfactor: Subfactor A1: Managing of Network Architecture Demonstrate experience directly supporting a Cyber Security Service Provider (CSSP) that provides concurrent support to five (5) or more CSSP Subscribers. The offeror shall provide the following information for all supported subscribers: 1. Dates of support 2. The name of the supported CSSP subscriber(s) 3. Identify tool suites used to monitor the network architectures 4. Identify the type of network architecture being monitored For purposes of this subfactor, the definition of ‘Subscriber' is as follows: an organization or entity that has entered into a formal agreement to receive cybersecurity services, support, and/or protection from a Provider. Id.

Full decision text continues on ProtestIntel...