The Greater East Region wishes to have an outsourced Security Operations Centre (COS), initially relying on a managed endpoint detection and response (EDR) solution and its Elastic security event centralization infrastructure, as well as specialized security incident response services, with the objective of meeting the active defence principles established by its General Information Security Policy (ISMP). The purpose of the framework agreement is to select a company capable of accompanying the digital management of the Grand Est Region in order to develop, strengthen and maintain the security of the institution's information system (see the description of the services in point II.2.4).
Mixed single-contractor framework agreement comprising: a purchase order portion entered into without a minimum or maximum amount; a portion executed through the conclusion of any subsequent contracts, without a minimum or maximum amount.
Primarily, the services will give rise to the regular issuance of purchase orders throughout the life of the contract. In particular, the initial construction of and subscription to the outsourced COS and managed EDR services, the addition of detection scenarios, the maintenance of the security event centralization solution and the advanced security incident response services will be ordered through the issuance of purchase orders in the first year of the contract and then, if necessary, by entering into subsequent contracts in subsequent years to respond to changes in the scope of services to be operated.
The region plans to launch subsequent contracts to change the scope of services as SOC maturity increases. For example, they will make it possible to evolve the services integrated into the delivery (security service in managed mode), to strengthen the control plan by integrating new sources of events related to, for example, the implementation of new security solutions (messaging/bastion/vulnerability scan/AD audit and file server/NAC), or to build scenarios based on application logs.
Regarding maintenance needs, the scope of the delivery may be adjusted, if necessary, in the second year of the contract if the infrastructure (in particular the log centralization infrastructure) has evolved to meet the technical and organizational constraints of COS delivery.