TrendAgency wants data on enterprise cyber forensics system products

Published 7 June 2010

TSA solicits information about commercially available computer security forensics technologies it could use for information technology security; TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters

We have noted the trend of growing interest in computer forensics (see, for example, “Growing demand for IT forensics experts,” 20 October 2009 HSNW; and “First computer forensics private investigation firm opens in Nevada,” 15 April 2010 HSNW). The trend continues.

The Transportation Security Administration (TSA) wants information about commercially available computer security forensics technologies it could use for information technology security. TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters, according to a sources sought notice published on the Federal Business Opportunities Web site on 1 June. The agency said it was not issuing a solicitation at this time.

FCW’s Ben Bain writes that the agency is interested in solutions that would allow TSA forensic users to deal with insider threats, e-discovery procedures, data leakage, misuse of IT assets, anomaly detection, identification of malicious code, and compliance verification, according to the notice.

TSA wants companies to provide detailed descriptions of how their products work and what makes them unique. Specifically, TSA is interested in how a product:

  • Supports legal e-discovery processes
  • Manages and performs enterprise forensics activities across multiple IT systems
  • Can be used to schedule periodically recurring scans
  • Integrates with desktop products
  • Manages and tracks forensic information
  • Identifies suspicious system activities, including any known exploits
  • Supports remediation activities to remove identified threats while sweeping for known malicious code
  • Reports problems
  • Analyzes data
  • Interfaces with other systems
  • Is designed from an IT architecture perspective

Responses are due 15 June.