Specifications include, but are not limited to: The EHPS district is looking to enter into a contract with a SOCaaS provider to assist with 24x7x365 threat monitoring, detection and incident response, threat intelligence. The district is looking for SOC providers that use a combination of technologies, analytics, and specialized skills to enable rapid detection, analysis, and investigation of incidents. The district looks to benefit from end-to-end SOC capabilities that adhere to the best practice Cybersecurity and Infrastructure Security Agency (CISA) guidelines for SOC shared service providers. The district looks to benefit from end-to-end SOC capabilities that adhere to the best practice Cybersecurity and Infrastructure Security Agency (CISA) guidelines for SOC shared service providers. Capabilities should include the following, however if other options are available, they should be listed out: Cyber threat intelligence Network and system monitoring Incident response Cyber hunt Logging-as-a-Service Endpoint Detection and Response (EDR) Managed Security Information and Event Management (SIEM) Client portal for metrics and dashboards SOC resilience Forensics Onboarding and customer support
