The Department of Defense’s information technology agency is seeking industry input on capabilities necessary to build its cyber threat sharing platform.
The Defense Information Systems Agency (DISA) released its Request for Information (RFI) on Wednesday to assess how to approach to impending acquisition process for its new Cyber Threat Sharing Indicator Platform.
Responses to the RFI are due by noon on Dec. 6.
DISA is hoping to gather information on existing capabilities that may go toward supporting the development of its secure, machine-to-machine cyber threat sharing platform.
Requirements for the sharing capability include the ability to distribute threat indications through a Publisher/Subscriber model in near real time.
“The system shall have the ability to rapidly support new versions of Structured Threat Information Expression (STIX) and other Trusted Automated Exchange of Indicator Information (TAXII) and shall support propagation of JAVASCRIPT Object Notation (JSON) and XML formatted messages,” DISA writes in its RFI.
Industry input is also requested on data storage and management capabilities, including the ability to push and subscribe multiple feeds and support data retention up to 60 days.
DISA also aims for the new cyber threat sharing platform to improve dashboard and system integration capabilities.
The platform needs a dashboard where users can easily view and control data collections, and the system must utilize an open source Application Programming Interface to allow third party users to query data elements.
Respondents to the RFI should describe their experience with operating, maintaining and deploying similar cyber threat sharing platform capabilities, according to DISA. Interested participants should also include an estimated timeline for delivering capabilities.