TSA wants cyber forensics info

Agency wants data on enterprise cyber forensics system products

The Transportation Security Administration wants information about commercially available computer security forensics technologies it could use for information technology security.

TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters, according to a sources sought notice published on the Federal Business Opportunities Web site June 1. The agency said it’s not issuing a solicitation at this time.

The agency is interested in solutions that would allow TSA forensic users to deal with insider threats, e-discovery procedures, data leakage, misuse of IT assets, anomaly detection, identification of malicious code, and compliance verification, according to the notice.

TSA wants companies to provide detailed descriptions of how their products work and what makes them unique. Specifically, TSA is interested in how a product:
  • Supports legal e-discovery processes.
  • Manages and performs enterprise forensics activities across multiple IT systems.
  • Can be used to schedule periodically recurring scans.
  • Integrates with desktop products.
  • Manages and tracks forensic information.
  • Identifies suspicious system activities, including any known exploits.
  • Supports remediation activities to remove identified threats while sweeping for known malicious code.
  • Reports problems.
  • Analyzes data.
  • Interfaces with other systems.
  • Is designed from an IT architecture perspective.
Responses are due June 15.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Reader Comments

Fri, Jul 2, 2010

Amen to the comments below. DoD is probably the worst offender. Not only are they virtually a mirror image of the civilian-side Fed Gov (with departments and agencies and travel programs that duplicate 'civilian' side), each service and command and support agency insists on reinventing the wheel and rolling their own support services. All 'housekeeping' and support functions should be common-serviced unless there is an overriding reason not to. I think taking procurement authority away from most of the organizations would be a good place to start.

Fri, Jun 4, 2010

Agreed- every agency does not need and should not have their own cutting-edge IT shop and network. Especially for the smaller agencies, but even for monsters like DHS/TSA, they need to come up with a 'canned' IT solution that can be common-serviced to get economies of scale. They have been doing with accounting and payroll services for years, via ISSAs and MOUs with nearby agencies that have the capacity and expertise. Too bad there isn't some government agency charged with providing General Services like that?

Thu, Jun 3, 2010 Dave

None of those functions are related to the TSA's primary mission... but they'll devote TONS of resources to them while we stand in ever longer lines in airports. It's time for the Federal Government to quit building entirely new networks and support structures for every new agency they feel the need to create... we can't afford that!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.


WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.