The Office of Cyber Monitoring and Operations within the Department of State’s Bureau of Diplomatic Security, Directorate of Cyber and Technology Security manages a comprehensive portfolio of cybersecurity tools deployed to secure the Department of State’s (DOS) networks and data. This document outlines the requirements supporting the technical replacement and maturation of the Enterprise Network Detection and Response.
- SCOPE
- Security Posture
- The DOS Cyber Protection program requires the capability to monitor network traffic to rapidly detect, assess and act upon anomalous activity on the Department’s networks. The ideal solution will baseline normal network activity, evaluate network packet metadata, and leverage threat intelligence to identify and escalate potential threat activity. The Department needs a solution that will leverage advances in Artificial Intelligence and Machine Learning to streamline threat detection and response actions.
- Monitoring and Incident Response Responsibilities
- The scope of the Department’s monitoring and incident response responsibilities encompasses a hosted environment (network) that includes, but is not limited to: 1) on-premises Sensitive but Unclassified (SBU) networks; 2) SBU Azure cloud environments; and 3) SBU AWS cloud environments. Applications and services are hosted through multiple cloud service models, including IaaS, PaaS, and SaaS.
- Scalable Capacity
- In addition, the Department recognizes that any network detection and response capability must include a strategy and scalable capacity to monitor multiple disparate environments. These environments include: air-gapped networks; dedicated internet networks (DINs); demilitarized zones (DMZs) hosted domestically and overseas that are not connected to the enterprise network; and multiple, distinct Cloud Service Providers (CSPs) such as Google Cloud, AWS Commercial, AWS GovCloud, Azure Commercial, and Microsoft Azure Government (MAG).
- Contractor solutions shall not include managed service elements outside the scope of SaaS hosting. The contractor solution shall be turned over to the Department for daily management and operations.
See the attached sources sought notice for further details.