Specifications include, but are not limited to: 1. On-going Security Assessments: • Quarterly internal vulnerability assessments & pen test • Monthly external vulnerability assessments & pen test • Quarterly ASV scans for PCI compliance • Semi-annual web application vulnerability scans • Semi-annual firewall review assessment • Annual active directory scan • Cyber Security consulting on related topics/environment infrastructure • Semi-annual social engineering & security awareness training • Monthly virtual CISO calls 2. 24x7x365 Monitoring (Managed Detection and Response): • Full 7-layer packet inspection • Full packet analysis • Behavioral and signature anomalies • Log analysis of firewall logs and DC events • Event correlation • Dedicated portal with Security Operations Center (SOC) access for questions / concerns • Coverage 365 days, 24x7 3. 24x7x365 Advanced Endpoint (Endpoint Detection and Response): • Actionable recommendations and security event prioritization. • Policy tuning, exclusions, and reduction of false positives • Ensure business continuity and network hygiene in near real-time • Access to experts to escalate security events • Hunting capabilities to detect latent threats and gain deep visibility • Accelerate response time with automated mitigation and containment • Coverage 365 days, 24x7 • Monitor static and behavioral AI, documents, scripts, exploits, and lateral movement • Includes annual maintenance / licensing of SentinelOne endpoint protection software for up to 525 endpoints (includes ransomware warranty from endpoint software vendor). • Provide a cyber-security dashboard for the City’s IT team to visually monitor the state of the network
