Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF OCTOBER 19, 2024 SAM #8362
SPECIAL NOTICE

D -- Request for Information - FAA Cybersecurity Threat Hunting

Notice Date
10/17/2024 10:26:11 AM
 
Notice Type
Special Notice
 
NAICS
54151 —
 
Contracting Office
693KA8 SYSTEM OPERATIONS CONTRACTS WASHINGTON DC 20591 USA
 
ZIP Code
20591
 
Solicitation Number
693KA8-25-RFI-ThreatHunt
 
Response Due
11/5/2024 7:00:00 AM
 
Archive Date
11/20/2024
 
Point of Contact
Shaun Miles, Phone: 2022676311
 
E-Mail Address
shaun.miles@faa.gov
(shaun.miles@faa.gov)
 
Description
The Federal Aviation Administration (FAA) is hereby issuing a request for information (RFI) regarding�Cybersecurity Threat Hunting. Purpose: The purpose of this RFI is to understand both industry approaches and industry capabilities related to Cybersecurity Threat Hunting. Responses to this RFI will assist the FAA with future cybersecurity acquisition planning and future cybersecurity requirements definition in support of the FAA mission to provide the safest, most efficient aerospace system in the world. Instructions for Submittals: The FAA will only accept email submittals addressed to the FAA Primary Point of Contact of this RFI. The email subject line must include the SAM.gov announcement number followed by the company name. Individual e-mail message size (i.e., email body text plus any attachments) must not exceed 19MB. The FAA requests that an industry response to this RFI include Company point(s) of contact, title(s), telephone number(s), email address(es) Company Capability statement Company responses/feeback to the items below, as applicable: Describe the key fundamentals of a Threat Hunting program built for a federal agency. Do you use an industry standard model for Threat Hunting? If so, what model is utilized? Discuss a model that you would recommend for the FAA NAS environment? What tools does your threat hunting team utilize? COTS: Open Source: GOTS: Other: Describe the deliverables involved in your Threat Hunting program How long does a typical hunt last? In edge cases, what factor(s) contribute to a hunt ending early or extending well past estimated targets? What is the skillset and distribution within your personnel? Do your Threat Hunters specialize? If so, what specialties would your ideal team be made of? If not, please discuss the core skillset your ideal team contains. In an ideal team, what support personnel would you have? Describe the distinction and collaboration between various groups/functions such as; threat hunting, OSINT, SOC, threat intelligence, indicator of compromise generation, etc. What are the key groups/functions that must exist? Should those key groups/functions exist within one Threat Hunting team or does collaboration work better? What skillsets, tools, or other experience make a good Threat Hunter? Discuss this per role if there are various roles. Disclaimer: This is not a Screening Information Request (SIR). This notice serves as performance of an FAA market analysis in accordance with AMS Procurement Guidance T3.2.1.2.A.1. All costs associated with the preparation and/or submission of responses are the responsibility of the respondent. The U.S. Government will not pay for any information received or costs incurred associated with a submittal for this specific notice. All proprietary and/or confidential information contained in a submission must be marked appropriately. The FAA�s acquisition policies, guidance, and instruction are found at https://fast.faa.gov/. Participation in this RFI notice is voluntary. Responses will be reviewed by FAA employees and a limited number of FAA support contractors working under non-disclosure agreements. Should a respondent require an NDA be signed between the respondent�s business entity and an FAA support contractor, please email the point of contact listed within this notice indicating so. The FAA has the option of conducting one-on-one communications as deemed appropriate without the obligation to hold communications with all respondents. A business entity responding to this notice neither qualifies respondents for, nor excludes respondents from, responding to a resulting SIR, if any. Thank you in advance to all companies that provide a response.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/c8c4b0408ca04b95b280cf442ffd3078/view)
 
Record
SN07242393-F 20241019/241017230104 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.