Managed Detection and Response Solution

The Vendor is required to provide managed detection and response (MDR) combined with services which include, but not limited to, PCI compliance assessment, penetration testing, tabletops exercise, it policy review, etc.
- Out of scope for commercial provider
•    Traditional project management. 
•    Extensive customization to MDR solution. 
•    Any customization beyond standard configuration may be subject to further discussion and agreement between the city and the selected proposer. 
•    Low priority or requirements not approved. 
•    It business processes, customized business rules, standard operating procedure documentation, or the city’s performance metrics.
- In scope for commercial provider
•    Overall implementation consultation and guidance.
•    General configuration and knowledge transfer.
•    Platform single sign on (SSO) with the city’s Microsoft ENTRA.
•    Functional configuration (based) and knowledge transfer.
•    Reporting, dashboards, and configuration and knowledge transfer.
•    MDR solution orientation and overview, online help, and training.
•    Guides, formats and consultation for preparation for configuration or API.
•    Collect all appropriate data from the city’s technical infrastructure, and setup and configure normalizing, analysis, alerting and dashboards.
•    Support plan with thirty (30) day stabilization period with daily minor configuration corrections.
•    Performance testing of MDR solution including the city’s setup, configuration, alerting and dashboards.
•    Responsible for readiness, transition, production launch and handover to support.
•    The items listed below represent the city’s current in-scope MDR and security services.
o    Managed detection and response (MDR) solution
o    On-premises data collectors
o    Incident response retainer
o    Professional security services, including but not limited to:
1.    Internal vulnerability scanning (quarterly)
2.    Security governance and policy advisory
3.    Vulnerability intelligence
4.    External penetration testing (quarterly)
5.    Incident response tabletop exercises (semi-annual)
6.    PCI compliance support services.