Vendor needs to provide a managed detection and response and endpoint detection and response solution.
- Provide a Managed Detection and Response system and related services to protect our technology assets and stakeholders from malicious cyber intent.
- Provide the City a monitoring capability that will alert IT staff of potential cyber threat occurrences in such a fashion that a suggested response may be acted upon before irreparable damage occurs.
- Provide the City 7 X 24 system monitoring to supplement the internal staff.
- Cyber threat monitoring should be offered full time (24x7x365).
- Software provided should be capable of multiple detection methods (e.g., rules-based, behavioral, and AI-based).
- The proposed solution should either replace or augment the current Sophos AV solution in place to provide EDR capabilities on all desktops, laptops, and servers.
- Software and services provided should be capable of multiple remediation methods (e.g., block, quarantine, isolate, and send for analysis).
- Services should include proactive and reactive threat validation, prioritization, and hunting. Please describe the level and extent of threat hunting services, including the extent to which human intervention is used.
- The solution should integrate with Active Directory, as well as be able to feed information to a Log server.
- The solution should detect and prevent the use of credentials in a suspicious manner (lateral movement).