The selected vendor shall provide a turnkey cloud-based analytics platform that includes: ● Daily Ingest Capacity: Scalable licensing model starting at 150GB/day ● Hosting Environment: FedRAMP High or IL5-equivalent authorized cloud ● Data Sources: Compatibility with Windows, Linux, macOS, network devices (e.g., firewalls, switches), cloud applications (e.g., Microsoft 365), and endpoint telemetry ● 2 Weeks Professional Implementation Services – Provided by VAR ● Features Required: ○ Real-time event correlation and threat detection ○ Prebuilt and customizable dashboards and reports ○ Alerting and escalation workflows with role-based access control ○ Automated response and investigation playbooks ○ Integration with APIs, syslog, and common log formats ○ Advanced search and data modeling capabilities for structured and unstructured data ● Security Compliance: Alignment with NIST 800-53, CISA guidelines, and OMB M-21-31 ● Operational Requirements: ○ 99.9% or higher uptime SLA ○ Web-based interface with role-based access ○ User-friendly data onboarding and parsing workflows...
