Breach and Attack Simulation (Bas) Tender, USA - 84478473

Procurement Summary

Country : USA

Summary : Breach and Attack Simulation (Bas)

Deadline : 30 Jun 2023

Other Information

Notice Type : Tender

TOT Ref.No.: 84478473

Document Ref. No. : RFI-FY23-ITSO-BAS

Competition : ICB

Financier : Self Financed

Purchaser Ownership : Public

Tender Value : Refer Document

Purchaser's Detail

Name :Login to see tender_details

Address : Login to see tender_details

Email : Login to see tender_details

Login to see details

Tender Details

Description

The Administrative Office (AO) of the U.S. Courts needs to continually validate its security posture. Products in this market are often called Breach and Attack Simulation (BAS) but may also be called Threat Exposure Management (TEM) or Attack Surface Management (ASM). Gartner defines the BAS products as having the following characteristics: Automated, Consistent and Continuous. Gartner uses the following definition. “Breach and attack simulation (BAS) technologies allow enterprises to continually and consistently simulate multiple attack vectors against an enterprise-s assets. BAS can test threat vectors such as external and insider, lateral movement and data exfiltration. BAS deployment leverages software agents, virtual machines, cloud platforms and other means to run simulations.”

Gartner also indicates that the implementation of this capability is indicative of a mature organization: “Organizations with mature security programs use these technologies primarily to ensure consistent security posture over time and across multiple locations.” In order to continue to mature the AO-s cybersecurity program, the AO needs a capability to validate that the security tools are performing as expected and can detect and automatically mitigate existing and emerging threats. This capability must monitor the entire security incident cycle including the ability to measure people, processes, and technologies.

Forrester Research, a leading industry analytic firm confirms that BAS solutions “assist security and IT ops teams in prioritizing remediation efforts based on the value of the asset and severity of the exposure. Organizations suffering from cloud sprawl and shadow IT should experiment with ASM and BAS for greater visibility and improved efficacy of remediation.” Information Technology Security Office (ITSO) intends to use the solution in this manner to identify the levels of risk that may not be readily apparent.

The AO requires a BAS that will e...
Active Contract Opportunity
Notice ID : RFI-FY23-ITSO-BAS
Related Notice
Department/Ind. Agency : ADMINISTRATIVE OFFICE OF THE US COURTS
Sub-tier : ADMINISTRATIVE OFFICE OF THE US COURTS
Office : AOUSC-PROCUREMENT MANAGEMENT DIV
General Information
Contract Opportunity Type: Sources Sought (Original)
All Dates/Times are: (UTC-04:00) EASTERN STANDARD TIME, NEW YORK, USA
Original Published Date: Jun 16, 2023 01:23 pm EDT
Original Response Date: Jun 30, 2023 02:00 pm EDT
Inactive Policy: 15 days after response date
Original Inactive Date: Jul 15, 2023
Initiative: None

Classification
Original Set Aside:
Product Service Code: DJ10 - IT AND TELECOM - SECURITY AND COMPLIANCE AS A SERVICE
NAICS Code:
Place of Performance: Washington, DC 20544 USA

Documents

 Tender Notice

RFI-FY23-ITSO-BAS.xlsx