The vendor is required to provide an extended detection and response (XDR) cybersecurity solution that will modernize its cybersecurity infrastructure to better protect student data, staff information, and critical systems from evolving threats.
- Vendor and technology
• The system shall operate as a cloud-based solution and provide a documented uptime guarantee to ensure continuous availability.
• Highly available, geo-redundant, and scalable solution for resiliency and the ability to address peak usage periods.
• Documentation of the system's resource capacity limitations, including the storage limits and hit capacity thresholds that the vendor can provide.
• The solution must support the ability to temporarily unload or disable the XDR agent on endpoints to facilitate system maintenance, software installations, or troubleshooting activities (e.g., Exchange patching), without compromising long-term protection or requiring full uninstallation.
• The solution must allow administrators to configure exclusions or behavioral adjustments based on specific file paths, file types, or processes.
• This includes the ability to whitelist trusted applications or directories to reduce false positives and performance impact.
• Provide a documented process for software updates, including pre-release testing, rollback capabilities, and customer notification procedures.
- Functional
• Cloud-native EDR and XDR with unified telemetry and data correlation is critical
• Agent with broad OS coverage: at minimum macOS, Windows 11, Linux, and Windows Server 2016+. ChromeOS support is optional
• Behavioral and AI-driven detection with MITRE ATT&CK alignment
• Real-time remote investigation and ability to download forensic artifacts
• Rapid endpoint response controls, including remote endpoint isolation
• Threat hunting - analysts should be able to query data to perform threat hunting using built-in solution tools
• The console must correlate related alerts and incidents to reduce analyst workload and accelerate response.
• Support for PowerShell and Python
• Supports granular user permissions so that a range of permission levels can be assigned
• The service maintains auditable logs that record system events.
• Minimum retention period of two weeks, with the capability to extend the retention period up to 6 months
• Customizable alerts.
- Questions/Inquiries Deadline: November 19, 2025