Threat detection and response service Fulda Hospital

The tendered service is intended to detect potentially defective communication connections and activities on the basis of protocol data. Various IT systems used by the client are to serve as data sources. The coordination of the data sources to be connected does not take place in this participation competition, but in the subsequent bidding process.

The provider must evaluate the log data (if necessary by consulting a suitable application) in order to detect any cyber attacks or other malicious behavior. The evaluation of the log data must take place around the clock, seven days a week. If the provider uses an application to view the log data, this must be provided. The contractor will not acquire these licenses.

If the provider detects a possible threat event, the client must be informed immediately (within a maximum of one hour after delivery of the log data) via defined reporting channels. Activities for attack detection and initial processing are included in the offer price and will not be charged separately.

Threat prevention services beyond intrusion detection must be provided with a response time of 4 hours (remote) or on the next working day (on site at the customer). These expenses are to be calculated separately and are not included in the offer price.