Specifications include, but are not limited to: SDBOR is seeking a MDR as part of our strategic initiative to enhance our cybersecurity defenses. We are seeking detailed information from experienced vendors about their capabilities, technologies, and approaches in providing comprehensive MDR solutions. This RFI intends to gather insights on service offerings, including 24/7 monitoring, real-time threat detection, incident response, and the integration of advanced technologies such as AI and machine learning. Our goal is to understand how these services can be tailored to fit our unique organizational needs and improve our overall security posture. SDBOR is interested in a MDR that shall include, but not be limited to the capabilities as described below: Monitoring and Detection • Implement 24/7 monitoring with advanced analytics for accurate threat identification, minimizing false positives. o Provide any SLAs associated with expected identification, notification, and response times. o Identify how your product utilizes retroactive events and the lessons learned from those events across your customer base. o List cloud environments for your managed detection and response services including compatibility with Azure and AWS. • Provide a dedicated account manager and 24/7 support with a clear Service Level Agreement. • Provide a 24/7 live technical resource. • Provide continuous monitoring and advanced analysis for threat detection across various vectors utilizing SIEM, SOAR, and AI/ML technologies. o Define where AI and SOAR will be utilized versus human analysis. Response Capabilities • Provide the option for the MDR vendor to perform immediate actions, such as remote containment and investigation. o Identify and propose opportunities where the vendor's automated response and remediation processes could be utilized.
