SPECIAL NOTICE
99 -- Extended Detection and Response (XDR)
- Notice Date
- 6/5/2023 7:31:20 AM
- Notice Type
- Special Notice
- NAICS
- 541519 — Other Computer Related Services
- Contracting Office
- ACQUISITIONS - AQM MOMENTUM WASHINGTON DC 20520 USA
- ZIP Code
- 20520
- Solicitation Number
- DOS_XDR_2023
- Response Due
- 6/2/2023 12:00:00 PM
- Archive Date
- 06/17/2023
- Point of Contact
- Sara Marron, Lily Fangios
- E-Mail Address
- marronsm2@state.gov, fangios@state.gov
- Description
- PROBLEM STATEMENT

Background and Root Cause

Increased security and logging requirements have caused information overload for Security Analysts. Today's demands for cyber related services have resulted in more security alerting, excessive logging and longer analysis time needed to detect malicious activity. The combination of too many alerts and too little context causes security teams to lose visibility and control.

Extended detection and response (XDR) has emerged as a response to this problem. XDR is a category of threat detection, investigation, and response solutions that work together across all threat vectors in a company's infrastructure, including network, endpoint, cloud, and identity, rather than just one aspect of the infrastructure. By building integration directly into the architecture, XDR tools by design deliver threat insights and recommendations that optimize how security teams operate.

The Department of State is seeking input from the XDR vendor community to conduct market research on potential solutions. The intent of this problem statement is to broadly announce the Department's need and find opportunities to conduct more targeted engagements (i.e., one-on-one meetings) with those vendors that may be able to provide these solutions. These meetings are an opportunity to exchange general information and conduct market research related to a possible acquisition. There is no requirement that the meetings include all possible vendors, and the government will select those vendors that they would like to consider for these meetings.

This notice should not be construed as a commitment by the Government for any purpose other than market research. This announcement does not commit the Government to any contractual agreement. The Government is not seeking proposals and will not accept unsolicited proposals. No reimbursement will be made for any costs associated with providing information in response to this announcement or any follow-up information requests.

All interested vendors shall submit a response demonstrating their capability of providing a fully integrated solution addressing the salient points of the solution as described in this notice to the Points of Contact (POCs) listed below.

Viable Solution

  - Flexible suite of endpoint protection features to identify and prioritize endpoint risks, reduce attack surface and stop data loss.
  - Holistic approach to detection and response that eliminates blind spots, increases accuracy, and streamlines investigations across all environments, including network, cloud, and endpoint.
  - View all your endpoint, network, and cloud activity in a single dashboard that simplifies event correlation.
  - Simplify investigations by automatically revealing the root cause, sequence of events, and threat intelligence details of alerts.
  - Deliver a comprehensive set of machine learning and analytics techniques to stay ahead of rapidly evolving threats and counter sophisticated attacks.
  - View coverage across attack surfaces with security alerts mapped to the MITRE ATT&CK® framework.
  - Enrich investigations and User Behavior Analytics alerts with threat intelligence feeds.

Users

  - Security Analyst

Features

  - Data collection
  - Threat Detection (anomalous and signature based)
  - Threat Prevention (Deny/Block)
  - Threat Response/Remediation
  - Automated Playbooks
  - External Integration: SOAR
  - Threat Hunting
  - User and Entity Behavior Analytics

System environments

  - Analysis performed through a Cloud Service Provider
  - Preferably AzureGov
  - Preferably FISMA High
  - Capable of monitoring Onprem and Cloud environments

Concerns

  - FISMA High may not be available, but need to ensure process to become high is being worked
  - Compatibility with other endpoint agents/clients

Submission Instructions:

All interested vendors shall submit a capability statement of no more than 2 pages (8x11 standard letter format, 12 point Arial font, .pdf format preferred) that explicitly demonstrates their capability to provide/perform the requirements stated in this notice. If late information is received, it may or may not be considered depending on agency time constraints. The capability statement should be concise, yet clearly demonstrate an ability to meet the stated requirements. The statement shall include answers to the following inquiries:

  - Please provide company information including: Name of Company, Address, Points of Contact (to include phone number and email address).
  - Recent, relevant experience in all related areas.
  - Planned Teaming and/or subcontracting arrangements and previous experience with those partners.
  - Firms responding to this announcement should indicate whether they are a large business, SB, 8(a) certified business, HUBZone, EDWOSB, WOSB, or SDVOSB.
  - Company size status and CAGE code.
  - Whether your company is domestically or foreign-owned. If foreign-owned, please indicate the country of ownership and any contemplated use of foreign national employees on this effort.

RESPONSES ARE DUE TO THE POCs BELOW NO LATER THAN 3:00 P.M. (ET) ON 02 JUNE 2023.

POC:

  - Swindell, Nicholas L (SwindellNL@state.gov)
  - Morgan, Brett M (MorganBM2@state.gov)
  - IndustryLiaison@state.gov

Contacts listed for this notice are for AQM.
- Web Link
- SAM.gov Permalink (https://sam.gov/opp/988a466cf13b4e0d8db63475030dd8e8/view)
- Record
- SN06703848-F 20230607/230605230103 (samdaily.us)
- Source
- SAM.gov Link to This Notice (may not be valid after Archive Date)