MERX
Canadian Public Tenders Opportunity Abstract
Français
Canadian
Public Tenders
Agencies, Crown &
Private Corporations
U.S. Tenders
Private
Construction

print Print-friendly Version   

 Document Request List:  N/A Awards:  View

EXTENSION OF CYBER INCIDENT RESPONSE TOOL


 
Disclaimer

Header

  Reference Number PW-$QCL-018-15049
  Solicitation Number W7701-125207/B
  Organization Name Public Services and Procurement Canada
Travaux publics et Services gouvernementaux Canada
  Source ID FD.DP.QC.10077.C2
  Associated Components Yes

Dates

  Published 2012-11-30
  Revised 2012-12-20
  Closing 2012-12-28 02:00 PM Eastern Standard Time EST

Details

  Category Research and Development (R&D)
  GSINS AD917700: MILITARY
D302AAS: PROFESSIONAL SPECIAL SERVICES, EDP, NOT ELSEWHERE SPECIFIED
N7030: ADP SOFTWARE
  Region of Delivery Quebec
  Region of Opportunity
  Agreement Type Agreement on Internal Trade (AIT)
  Tender Type Notice of Proposed Procurement (NPP)
  Estimated Value
  Solicitation Method

Notice Description

  EXTENSION OF CYBER INCIDENT RESPONSE TOOL

Trade Agreement: Agreement on Internal Trade (AIT)
Tendering Procedures: The bidder must supply Canadian goods
and/or services
Attachment: None
Competitive Procurement Strategy: Best Overall Proposal
Comprehensive Land Claim Agreement: No
Nature of Requirements:
    
EXTENSION OF CYBER INCIDENT RESPONSE TOOL
FOR
DEFENCE R&D CANADA, VALCARTIER

Objective :

Add additional features to a tool for responding to cyber
incidents, in order to meet the needs of the Department of
National Defence (DND) R&D in this area.

Background / History :

Considerable effort is currently being put into developing a
process for responding to cyber incidents for DND. The
development of this process requires a cyber incident integrated
response tool to evaluate the feasibility of several proposed
approaches.

In recent years, tools for responding to cyber incidents have
reached the marketplace. A team of scientists from Defence R&D
Canada (DRDC) have evaluated several such tools. They concluded
that no existing tool has all the capabilities necessary to
support the development work for the process.

The development from scratch of an integrated tool to respond to
cyber incidents with all the desired capabilities would require
too much effort for the scope of the project. It is therefore
proposed to extend the capabilities of an existing tool for
responding to cyber incidents by adding additional features.

The mandatory requirements are as follows:

1    The supplier must have the rights required to sell and modify
a cyber incident response tool that meets mandatory criteria 2
to 10 below.
2    The tool must fully function with Windows XP and Windows 7.
The tool must be able to analyze computers equipped with Windows
XP 32-bit, Windows 7 32-bit and Windows 7 64-bit operating
systems.
3    The tool must be capable of remotely checking whether a
computer is compromised using a software agent or other means.
4    The tool must be capable of checking the validity of computer
networks using a centralized management console. All incident
response features must be capable of being operated from this
console. Only the software agent installation process (or other
technique) can be performed using means other than the
centralized management console.
5    The tool must be capable of checking the integrity of a
process in memory, for example by comparing its memory dump to
that on the disk by simulating the module load in Windows.
6    The tool must be capable of verifying the integrity of a file
on the disk, for example by comparing the information gathered
by Windows APIs to that obtained via a direct read of data using
a driver.
7    The tool must be capable of verifying the integrity of the
Windows registry, for example by comparing the information
gathered by the Windows APIs to that obtained via a direct read
of data using a driver.
8    The tool must be capable of detecting floating code.
9    The tool must be capable of remotely extracting the content of
the memory associated with a process.
10    The tool must have the capability of detecting the following
hooks and identifying the originating process of the hook: (i)
Service table hooks (ii) Inline hooks (iii) IAT/EAT hooks (iv)
IDT hooks (v) SYSENTER hooks (vi) DKOM hooks
11    The supplier must be able to provide the services of an
intermediate developer with a minimum of 24 months of experience
in Windows driver development. (As specified at Section 3.2,
Part 4, of this document, the Bidder must provide the curriculum
vitae of each proposed resource.)
12    The supplier must be able to provide the services of an
intermediate developer with a minimum of 24 months of experience
in the development and/or integration of Windows malware
detection techniques. (As specified at Section 3.2, Part 4, of
this document, the Bidder must provide the curriculum vitae of
each proposed resource.)
13    The supplier must be able to provide the services of a
project manager. (As specified at Section 3.2, Part 4, of this
document, the Bidder must provide the curriculum vitae of each
proposed resource.)

The organization for which the services are to be rendered is
the Department of National Defence (the «client»).

The period of the Contract is from the date of contract award to
March 31, 2016, inclusive. The Contractor grants to Canada the
irrevocable option to extend the term of the Contract by up to 4
additional 1 year-periods under the same terms and conditions.

The estimated value of the contract is $900,000.00, plus
GST/HST, for the portion of the work done on request via task
authorizations during the initial contract period (from the
start date of the contract until March 31, 2016, inclusive).

The contract will also include a sum (not disclosed) for the
purchase of a maximum of 100,000 additional and optional
licenses for the software that include maintenance and support.
The purchase of licenses is planned for the period between April
1, 2016, to March 31, 2020.

Pursuant to section 01 of Standard Instructions 2003, Bidders
must submit a complete list of names of all individuals who are
currently directors of the Bidder. Furthermore, as determined
by the Special Investigations Directorate, Departmental
Oversight Branch, each individual named on the list may be
requested to complete a Consent to a Criminal Record
Verification form.

The requirement is subject to the provisions of the Agreement on
Internal Trade (AIT).

Delivery Date: Above-mentioned

The Crown retains the right to negotiate with suppliers on any
procurement.

Documents may be submitted in either official language of Canada.


Piras, Gabriel
601-1550, Avenue d'Estimauville
Québec
Québec
G1J 0C7
(418) 649-2870 ( )


 

Contact(s)

Contracting Authority

  Name Gabriel Piras
  Address 601-1550, Avenue d'Estimauville
  City Québec
  State / Province Québec
  Country Canada
  Postal Code G1J 0C7
  Phone (418) 649-2870 ( )
  Fax (418) 648-2209
  Email
  Website URL

print Print-friendly Version   

 Document Request List:  N/A Awards:  View

Note: Web site links will be displayed when available. If you click a web site link, you will be connected to another web site. Your MERX session will timeout after 20 minutes of inactivity. Should this occur, please return to the MERX home page and log in to MERX again.

© MERX - All rights reserved. This site and its content, other than procurement information issued by a Participating Organization, are owned by MERX Networks Inc. No information found on this site may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise without the prior permission of MERX or, in the case of procurement information issued by a Participating Organization, of the Participating Organization issuing such information. Neither MERX nor the Participating Organizations will assume responsibility or liability for the accuracy of the information contained on this site.