TSA wants cyber forensics info
Agency wants data on enterprise cyber forensics system products
The Transportation Security Administration wants information about commercially available computer security forensics technologies it could use for information technology security.
TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters, according to a sources sought notice
published on the Federal Business Opportunities Web site June 1. The agency said it’s not issuing a solicitation at this time.
The agency is interested in solutions that would allow TSA forensic users to deal with insider threats, e-discovery procedures, data leakage, misuse of IT assets, anomaly detection, identification of malicious code, and compliance verification, according to the notice.
TSA wants companies to provide detailed descriptions of how their products work and what makes them unique. Specifically, TSA is interested in how a product:
- Supports legal e-discovery processes.
- Manages and performs enterprise forensics activities across multiple IT systems.
- Can be used to schedule periodically recurring scans.
- Integrates with desktop products.
- Manages and tracks forensic information.
- Identifies suspicious system activities, including any known exploits.
- Supports remediation activities to remove identified threats while sweeping for known malicious code.
- Reports problems.
- Analyzes data.
- Interfaces with other systems.
- Is designed from an IT architecture perspective.
Responses are due June 15.
Ben Bain is a reporter for Federal Computer Week.