Senate Wants More Cyber Intelligence

Cyber threats are evolving constantly and the Senate Sergeant at Arms needs to know what is out there and what is coming. To that end, the office issued a request for proposals for a commercial off-the-shelf cyber threat intelligence platform with all the bells and whistles.

Specifically, the Senate wants a commercial product able to scan publicly available sources such as paste sites, blogs, social media, code repositories and technical sources, as well as sources that are harder to find, like dark web forums and sites.

As information is collected, it must be automatically sorted among nine categories: threat actors, malware, technical indicators, geographies, technologies, products, people, companies and organizations. All relevant information on each threat must then be pulled into a single report with “event timelines, treemaps, table views, and feed views of associated threat actors, IP [addresses], hashes, domains, malware and vulnerabilities,” according to the RFP. These reports should be generated automatically, without the user having to input a specific query.

That said, the information should be queryable, allowing users to create advanced searches, such as “a search for leaked credentials within specific areas of the internet by specific threat actor nationalities,” as an example.

Using that information, the product must be able to build predictive models—in reports and visualizations—on threats and vulnerabilities, including risk scores for both.

The tool also must be able to translate in real time using natural language processing. The tool must be able to translate Arabic, Chinese, English, French, German, Italian, Japanese, Persian/Farsi, Portuguese, Russian, Spanish and Swedish. Contracting officers said the Senate will not accept translations from the vendor; it must be an automated tool.

A company analyst must also be on-call to answer questions about the data being collected.

The RFP is structured as a matrix, with 29 minimum requirements listed. For each requirement, vendors are asked to indicate whether their solution meets or exceeds that ability and whether that solution is a standard part of the commercial product or an optional add-on. Vendors are also encouraged to provide a detailed description on how each requirement is “met or exceeded” by the product being offered.

Along with the base product requirements, vendors must also be able to provide 40 hours of in-person training and access to a set of on-demand courses. An additional 20 hours of professional service support is included to help Senate staff integrate the new technology with their platforms.

Responses to the RFP and associated pricing table are due by May 28.