Detection and Response Solution

The vendor required to provide detection and response solution platforms under development, in planning, or at beta test will not be considered.
- Any features, discussion, reference to, or implied usage of the following, must all be clearly stated as such.
•    Future release products or features
•    Optional (not included) features or products
•    Third-party developed, sold, or maintained features or products
•    Any required hardware and software to maintain or use solution
•    Implications on warranty and maintenance support
- Functional specifications
1. Threat monitoring and response 
•    The timeframe for threat monitoring and human response (e.g., 24x7x365)?
•    The SLA guarantees for alert investigation and response?
•    The service verifies threats and reduce false positives
•    Alerts and remediation actions communicated to the organization?
•    The organization have access to dashboards and investigation tools?
•    A monthly summary report of activity and monitoring provided?
2. Platform coverage and integration 
•    The service detects threats in microsoft 365 and google workspace?
•    The service integrates with existing EDR solutions (e.g., defender, crowd strike)
•    Operating systems and platforms are the service able to protect (e.g., windows, macOS, Linux, SaaS/IaaS)
3. Response capabilities 
•    The service performs (e.g., isolate machines, kill malicious processes, disable compromised m365 user accounts, remove malicious scheduled tasks… etc.)
•    The service provides remediation guidance and recommendations
•    Account manager assigned to the organization.

- Contract Period/Term: 3 years