The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is looking to obtain information from industry on providing a secure work management tracking system to better secure the Federal IT enterprise.
The Jan. 22 request for information (RFI) states that CISA Threat Hunting requires a solution that can provide data resiliency for the incident management system and have the option to scale to cloud.
“The desired system should meet the minimum level of encryption 140-2. The system should handle full account logging (successful/unsuccessful) to all assets in the system and integrate with existing SIEM architecture,” the RFI reads. “In addition, the system should allow full host-based logging from all assets in the system and integrated with an existing SIEM architecture.”
The RFI lists the following requirements for the solution:
- It must migrate historical data from a customer previously used incident management tracking system;
- It should allow for domain mapping;
- It should include a threat scoring module or allow for the development or customization of one;
- It should support incident, problem, change, and release management;
- It must include an email functionality for internal and external communications;
- It must include API or feed into customer SIEMs;
- It should have the capability to autogenerate a ticket via an email to the system and the system should have the capability to update tickets via email to the system; and
- The system must have a resident metrics engine for asset, basic, advanced, and enterprise reporting.
This initial RFI is for information gathering and planning purposes only. Requests for Proposals and Requests for Quotations are currently not being solicited and this RFI does not promise a solicitation in the future. Responses are due Feb. 2.
