My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Critical Insight, Inc. 5/2/2023
>
Contracts
>
Agreement
>
Other Procurement Agreements
>
Critical Insight, Inc. 5/2/2023
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/14/2024 3:44:46 PM
Creation date
6/2/2023 11:56:10 AM
Metadata
Fields
Template:
Contracts
Contractor's Name
Critical Insight, Inc.
Approval Date
5/2/2023
Council Approval Date
1/1/1999
End Date
5/17/2030
Department
Information Technology
Department Project Manager
Steven Hellyer and Kevin Walser
Subject / Project Title
Managed Detection and Response Services
Tracking Number
CB 2023-056 MDR Services
Total Compensation
$1,087,010.00
Contract Type
Agreement
Contract Subtype
Other Procurement Agreements
Retention Period
6 Years Then Destroy
Imported from EPIC
Yes
Document Relationships
Critical Insight, Inc. 3/14/2024 Amendment 1
(Contract)
Path:
\Documents\City Clerk\Contracts\Agreement\Other Procurement Agreements
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
17
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
<br />Critical Insight® and the Critical Insight logo are the trademarks of Critical Insight, Inc. <br />©2023 Critical Insight, Inc. All rights reserved. <br />3 <br />SOME DATA STREAMS, SUCH AS SECURITY INFORMATION AND EVENT <br />MANAGEMENT (SIEM) STREAMS OR EXTENDED DETECTION & RESPONSE <br />(XDR) PRODUCTS WILL AGGREGATE DATA ACROSS MULTIPLE <br />ENVIRONMENTS. CI WILL INCLUDE THE XDR OR SIEM PRODUCT AS AN <br />ADDITIONAL DATA STREAM SO LONG AS IT IS AGGREGATING DATA <br />STREAMS THAT ARE ALREADY DOCUMENTED IN THE DATA INGEST LIST. <br /> <br />SOME DATA STREAMS INCLUDE FUNCTIONALITY THAT ENABLES CI TO <br />PERFORM ACTIONS IN THE CUSTOMER ENVIRONMENT. IN CASES WHERE A <br />DATA STREAM PROVIDES THIS FUNCTIONALITY, CI AND THE CUSTOMER <br />WILL AGREE THE SCOPE AND ACTIONS THAT WILL BE TAKEN IN A SEPARATE <br />DOCUMENT, I.E. RAPID QUARANTINE PLAYBOOK. CI WILL TAKE NO ACTION <br />UNTIL THIS AGREEMENT IS DOCUMENTED IN WRITING. <br /> <br />MANAGED <br />DETECTION AND <br />RESPONSE <br />(CI-MDR) <br /> <br />ACTIVATION: <br />AN ENVIRONMENT WILL BE CONSIDERED ACTIVATED FOR MONITORING <br />WHEN ALL SPECIFIED DATA STREAMS FOR AN ENVIRONMENT ARE <br />ACTIVATED. FOR EACH DATA STREAM, CI WILL: <br />• VERIFY CUSTOMER’S DATA STREAM IS CONFIGURED PER <br />PROVISIONING INSTRUCTIONS <br />• WORK WITH CUSTOMER TO GENERATE TEST ALERTS WHERE <br />POSSIBLE <br />• VERIFY TRANSMISSION OF ANY CUSTOMER DATA INTO CI’S <br />CORPORATE ANALYSIS SYSTEMS, SOC DASHBOARDS AND <br />TICKETING <br /> <br />CI MONITORS DELIVERY OF DATA STREAMS ON AN AUTOMATED BASIS AS <br />AVAILABLE AND WILL ALSO PERFORM PERIODIC MANUAL REVIEWS. <br /> <br />FOR DATA STREAMS THAT INCLUDE FUNCTIONALITY THAT ENABLES CI TO <br />PERFORM ACTIONS IN THE CUSTOMER ENVIRONMENT, THE ACTIONS WILL <br />BE ACTIVATED ONCE THE CUSTOMER AND CI AGREE IN WRITING AND THE <br />ACTIONS ARE TESTED WITH THE CUSTOMER TO ENSURE OPERATIONAL <br />READINESS. <br /> <br />MANAGED <br />DETECTION AND <br />RESPONSE <br />(CI-MDR) <br /> <br />MONITORING: <br /> <br />UPON THE SUCCESSFUL ACTIVATION OF SPECIFIED ENVIRONMENTS, CI <br />WILL INGEST ANY APPROVED DATA STREAMS AND WILL ELEVATE ALERTS <br />FROM THOSE STREAMS FOR REVIEW, AS APPROPRIATE. CI ANALYSTS <br />REVIEW APPROVED DATA STREAMS FOR INDICATORS OF COMPROMISE <br />WHICH INCLUDE BUT ARE NOT LIMITED TO: <br /> <br />• ALERTS LINKED TO POOR REPUTATION IPS OR DOMAINS <br />• COMMAND AND CONTROL CONNECTIONS <br />• ANOMALOUS OR SUSPICIOUS ALERT PATTERNS <br />• SUDDEN SHIFTS IN THE VOLUME OF KEY ACTIVITIES <br />• EVENT CORRELATION WITH REGIONAL, SECTOR, OR GLOBAL <br />CAMPAIGNS <br />• SELECTED EVENTS FROM 3RD PARTY SERVICES (SUCH AS 3RD PARTY <br />EDR PRODUCTS, MICROSOFT PRODUCTS, AWS’S GUARDDUTY, ETC.)
The URL can be used to link to this page
Your browser does not support the video tag.