Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF MARCH 03, 2017 FBO #5579
SOURCES SOUGHT

70 -- Sources Sought/ Request for Information: Open Source Intelligence Solutions

Notice Date
3/1/2017
 
Notice Type
Sources Sought
 
NAICS
511210 — Software Publishers
 
Contracting Office
Social Security Administration, Office of Budget, Finance, Quality and Management, Office of Acquisition and Grants, 1540 Robert M. Ball Building, 6401 Security Boulevard, Baltimore, Maryland, 21235, United States
 
ZIP Code
21235
 
Solicitation Number
SSA-RFI-17-1037
 
Archive Date
3/25/2017
 
Point of Contact
Terry Hemming,
 
E-Mail Address
terry.hemming@ssa.gov
(terry.hemming@ssa.gov)
 
Small Business Set-Aside
N/A
 
Description
OVERVIEW This Request for Information (RFI) is to determine the market availability of open source intelligence service solutions to meet the requirements outlined below, and the technical capabilities of qualified vendors of these open source intelligence service solutions. THIS ANNOUNCEMENT IS NOT A REQUEST FOR PROPOSALS. The Government is not committed to issue a solicitation or award a contract pursuant to this announcement, or based on responses to this announcement. The information from this market research survey will be used by the Government for planning purposes, and may assist the Government in development of strategies for future acquisitions. As such, the Government will not entertain questions concerning this RFI, and will not pay any costs incurred in the preparation of information for responding to this market survey, or the Government's use of the information. Proprietary information submitted in response to this RFI must be clearly identified as proprietary information. BACKGROUND SSA is investigating services and tools to complement the agency's existing open source intelligence capabilities. SSA seeks to to integrate collected intelligence information security event and incident management platforms, to alert on potential threats targeting the agency. SSA seeks to leverage information from a broad and diverse dataset maintained to represent the current threat landscape that the agency faces. OBJECTIVES SSA's goal is to leverage a third-party service to obtain open source intelligence, and to integrate gathered intelligence with the agency's security event and incident management platform. SSA is requesting information from interested and qualified vendors regarding their open source intelligence solutions, which can detect impending cyber threats, integrate with security event and incident management platforms, provide detailed attribution of known incidents, and discover strategically advantageous information to a potential threat actor. SSA acknowledges that respondents may bundle their open source intelligence capability into products that support other technologies. Although SSA is interested in these technologies, respondents should focus their responses on open source intelligence as the primary concern. Respondents should also assume that the agency is familiar with promotional material concerning their offerings. This RFI seeks information that is not readily available through those channels. PRODUCT REQUIREMENTS The solution must provide the following features and functionality. Qualified vendors must detail in their response if and how each requirement can be met by their proposed solution. Additional features and functionality are also welcome. 1. The solution must be a commercial off the shelf (COTS) product. 2. The solution must be commercially available as of February 1st 2017. 3. The solution must provide application program interface (API) access for integration with Security information and event management (SEIM) platforms. 4. The solution must support the addition of ad-hoc queries. 5. The solution must monitor and alert on saved ad-hoc queries. 6. The solution must provide near real-time information. 7. The solution must provide Indicators of Compromise (IOC's), attributable tactics, techniques, and procedures (TTP's), pre-intrusion intelligence. 8. The solution must provide automated reporting capabilities. 9. The solution must integrate with Splunk and leverage the Splunk Common Information Model (CIM). 10. The solution must be an automated cloud service. 11. The solution must detect publically available information relevant to the agency which may be useful to a threat actor. 12. The solution must allow the agency to define a variety of indicators. 13. The solution must leverage a wide variety of internet resources which are representative of the current cyber threat landscape (ex. Visible web, Deep/Dark web, etc.). 14. The solution must be a centralized open source intelligence gathering platform. 15. The solution must provide an attributable source for gathered information. 16. The solution must identify the type of vulnerability exploited and provide recommendations for remediation. 17. The solution must allow a security analyst to review and conduct further analysis of identified events. 18. The vendor must provide Section 508 compliance information. 19. The vendor must provide IPv6 compatibility information. 20. The solution must support industry standard network protocols. VENDOR RESPONSES Interested firms with the capability of providing the requirement shall submit capability statements that demonstrate their expertise in the above-described areas in sufficient detail, including any other specific and relevant information, so the Government can determine the firm's experience and capability to provide the requirements. Failure to demonstrate capability to provide the requirement in response to this RFI may affect the Government's review of the industry's ability to perform or provide these requirements. In addition to capability statements, firms must include the following information in their responses: 1. Organization name, address, email address, website address, and telephone number; 2. Size, type of ownership, and socioeconomic designation for the organization [i.e. small business, small disadvantaged business, 8(a), women-owned small businesses, veteran-owned small businesses, service disabled veteran-owned small businesses, Historically Underutilized Business Zone small businesses, etc.]; 3. Availability of products and services via GSA FSS contract, GWAC, or other Government contract vehicle; 4. Product cost and/or pricing data, inclusive of annual maintenance. 5. Have you implemented your solution with a Government agency of a similar size and scope? If so, provide reference information. 6. Describe any third party alliances, relationships, or dependencies for the service and/or tool. 7. Provide information on your information gathering methodology. 8. What types and levels of training do you provide or recommend? If applicable, describe training materials offered. 9. What is your anticipated learning curve for technical administrators and tool users? 10. What follow on /off hours support will be provided? Submit electronic responses only,via email, by 12:00 PM, ET, March 10, 2017, to the Contract Specialist at terry.hemming@ssa.gov. Faxed information will not be accepted. The size limitation for email attachments is 5 megabytes. NO FORMAL SOLICITATION IS BEING ISSUED AT THIS TIME. The Government will not pay for information submitted in response to this RFI. Respondents will not be notified of any evaluated results from the data received. No telephone calls regarding this RFI will be accepted or returned.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/SSA/DCFIAM/OAG/SSA-RFI-17-1037/listing.html)
 
Record
SN04418306-W 20170303/170301234134-acc50601a2b59bed0c5870b401f65fb7 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.