The General Services Administration (GSA) issued on Monday a request for information (RFI) on cybersecurity services to better understand the needs of government agencies, what solutions exist, and what role the administration can play in improving the ability for agencies to procure certain cybersecurity services.
The information is meant to “help the GSA identify current offerings available, improve the visibility of those offerings, and determine gaps that need to be filled,” the notice posted to FedBizOpps said.
Issued through GSA’s Federal Acquisition Service (FAS) Office of Integrated Technology Services (ITS), the administration is interested in cybersecurity services divided into three main areas:
- Proactive services
- Network Mapping;
- Vulnerability Scanning;
- Penetration Testing;
- Phishing Assessments (Testing and Scanning);
- Wireless Assessments;
- Web Application Assessments;
- Operating System Assessments;
- Database Assessments;
- Proactive Adversary Hunt;
- Reactive Services
- Incident Response
- Reactive Adversary Hunt; and
- Remediation Services:
- Security Engineering Services including Post-incident or Post-assessment Remediation.
The notice said GSA has two main goals in the RFI. First, it wants to gain feedback from industry and other stakeholders dealing with cybersecurity on the offerings in the above categories. It also seeks to inform the government about the kinds of cybersecurity products and services available to detect and remediate the kinds of cybersecurity vulnerabilities, threats, and incidents most prevalent in industry and government.
Responses are due April 20. They should be emailed to [email protected] with the subject line “GSA Cybersecurity Services.”