The procurement of cyber threat monitoring and management services (hereinafter - Services). The provision of Services includes:
1. Collection and aggregation of log records from IT platforms, information systems, monitoring systems, network flows, and other sources (hereinafter - data collection) as well as the configuration of software used for data collection.
2. Analysis of the data collected during the data collection, including detailed data analysis to detect anomalies and identify IT security incidents, as well as the configuration of software required for cyber security analysis.
3. Management of security incidents, including the categorization of identified IT security incidents, informing the Procurement Organization, and providing technical support during the resolution of security incidents.
4. Preparation and submission of reports, including the preparation of historical and real-time event reports. Service delivery reports must be prepared in Lithuanian, while technical reports may be submitted in English. Reports are submitted in digital format.
The mode of service delivery: automated information collection mode (24/7), analytical information provision mode – on working days, during working hours (Monday – Thursday from 08:00 to 17:00, Friday from 08:00 to 16:00). A preventive window for regular software and/or hardware maintenance is coordinated during standard service delivery time.
The provider shall provide all necessary software and licenses required for the provision of Services, provide all necessary technical equipment for the supply of Services, ensure timely implementation of security vulnerability patches for software and hardware and its components, and, if necessary, provide the Procurement Organization with proof of updates. The provider must organize at least 8 hours of free remote training for the persons appointed by the Procurement Organization and provide training materials or other documentation related to the provided Services. For the provision of Services, the Provider must have specialists who meet qualification requirements, ensuring their substitutability.
The object of procurement must not pose a threat to national security. The Procurement Organization considers that goods and services pose a threat to national security when the supplier submitting the offer, its subcontractor, or economic entities whose capacities are relied upon, or persons controlling them are legal or natural persons registered or permanently residing in the countries or territories listed in the list defined in Article 14, paragraph 1 of the Law on Public Procurement (LPP), or who hold the citizenship of these countries, or the manufacturers or their controllers of the goods offered (including their components, software) are registered in the countries or territories listed in the same provision of the LPP, or the provision of services is carried out from the countries or territories specified in the LPP.

LOT-0001
Cyber Threat Monitoring and Management Services.
The procurement of cyber threat monitoring and management services (hereinafter - Services). The provision of Services includes:
1. Collection and aggregation of log records from IT platforms, information systems, monitoring systems, network flows, and other sources (hereinafter - data collection) as well as the configuration of software used for data collection.
2. Analysis of the data collected during the data collection, including detailed data analysis to detect anomalies and identify IT security incidents, as well as the configuration of software required for cyber security analysis.
3. Management of security incidents, including the categorization of identified IT security incidents, informing the Procurement Organization, and providing technical support during the resolution of security incidents.
4. Preparation and submission of reports, including the preparation of historical and real-time event reports. Service delivery reports must be prepared in Lithuanian, while technical reports may be submitted in English. Reports are submitted in digital format.
The mode of service delivery: automated information collection mode (24/7), analytical information provision mode – on working days, during working hours (Monday – Thursday from 08:00 to 17:00, Friday from 08:00 to 16:00). A preventive window for regular software and/or hardware maintenance is coordinated during standard service delivery time.
The provider shall provide all necessary software and licenses required for the provision of Services, provide all necessary technical equipment for the supply of Services, ensure timely implementation of security vulnerability patches for software and hardware and its components, and, if necessary, provide the Procurement Organization with proof of updates. The provider must organize at least 8 hours of free remote training for the persons appointed by the Procurement Organization and provide training materials or other documentation related to the provided Services. For the provision of Services, the Provider must have specialists who meet qualification requirements, ensuring their substitutability.
The object of procurement must not pose a threat to national security. The Procurement Organization considers that goods and services pose a threat to national security when the supplier submitting the offer, its subcontractor, or economic entities whose capacities are relied upon, or persons controlling them are legal or natural persons registered or permanently residing in the countries or territories listed in the list defined in Article 14, paragraph 1 of the Law on Public Procurement (LPP), or who hold the citizenship of these countries, or the manufacturers or their controllers of the goods offered (including their components, software) are registered in the countries or territories listed in the same provision of the LPP, or the provision of services is carried out from the countries or territories specified in the LPP.