1. 4162425-111760Capabilities Statement General Overview SecureWorks is an independent Information Security Services Provider, focused solely on the delivery of best-of-breed, FISMA compliant, vendor-neutral security services. Recognized as a leader in the IT security industry, SecureWorks provides security infrastructure monitoring, management and consulting offerings to help Federal Clients reduce risk to assets and defend against the ongoing threat to networks and systems present in today’s internetworked environment. SecureWorks is the leading “Security as a Service” provider safeguarding over 2,700 organizations. SecureWorks, focuses exclusively on security services, and is positioned in the Leader's Quadrant in Gartner's Magic Quadrant for Managed Security Services Providers (MSSPs). We protect SecureWorks clients through a combination of a purpose-built, on-demand Security Management platform, applied research from the SecureWorks Counter Threat Unit™ and 24x7 monitoring and management by an analysis team of SANS GIAC-certified experts. Why SecureWorks? Gain a Trusted Security Partner for FISMA Compliance SecureWorks is a vendor neutral provider focused solely on securing critical assets. SecureWorks data collection and unparalleled reporting capability provide assistance with compliance to NIST 800-53. SecureWorks’ certified, experienced Security Operations Center staff serves as an extension of agency security teams, providing objective security advice and unlimited consultation. And, in addition to supporting the FISMA compliance process, Information Security Services from SecureWorks will provide “Best In Class Protection” as it relates to Cyber-Security while lowering your costs. Established Federal Government Service Provider SecureWorks provides Information Security Services to a variety of federal agency clients through relationships with IT management and IT security focused prime contractors. As a validated federal supplier and subcontractor, SecureWorks can fully deploy services in a matter of days from contract award. Unparalleled Internal and External Threat Visibility SecureWorks leverages the visibility gained from monitoring billions of security events everyday across more than 2,000 clients located throughout the world to deliver proactive protection. SecureWorks global visibility enables its CTU (Counter Threat Unit) research team to identify emerging threats as they arise and establish countermeasures to keep critical agency information assets secured. Industry-Leading Client Portal With robust security and compliance reporting capabilities, the SecureWorks Portal is recognized by industry analysts and clients alike as the premier client portal in the marketplace. The Portal provides comprehensive enterprise security vision and service transparency, facilitating the partnership required for effective threat and vulnerability management. The Portal is a powerful yet easy-to-use feature of SecureWorks’ services that delivers tremendous value to agency security teams by providing comprehensive reporting and compliance data and visibility to security events and incidents. Integrated and Advanced Technology Platform SecureWorks proprietary, purpose-built Sherlock Security Management Platform enables services to be tailored to specific agency requirements. Sherlock has tremendous scalability, processing billions of security events every day across the SecureWorks client base. Capable of monitoring virtually any security technology or critical information asset, the Platform provides SecureWorks’ Security Analysts with maximum security context for full, in-depth analysis while virtually eliminating false positives. Services Overview Professional Services SecureWorks' Professional Services provide expertise and analysis to help IT security managers to improve the agency’s security posture, facilitate compliance, and improve operational efficiency. With deep experience in industry regulations and standards, SecureWorks’ security professionals identify risk to prepare for a favorable audit of agency IT security controls. SecureWorks’ Professional Services include: Compliance: FISMA, SOX, NERC CIP, NISPOM Risk Assessment Penetration Testing Incident Handling and Forensics Web Application Testing Business Impact Analysis Policy Development SIM On-Demand SecureWorks’ SIM On-Demand Service allows organizations to attain all the benefits of traditional SIM software, without experiencing any of the drawbacks. SecureWorks’ SIM On-Demand Service delivers event aggregation, correlation and reporting “in-the-cloud,” requiring no lengthy software implementations. The SIM On-Demand service can be up and running in a matter of days, immediately presenting your agency’s IT security team with actionable information, a consolidated view of the security status of critical assets and on-demand compliance reports via the secure web-based SecureWorks Portal. Service features include: Rapid implementation and no management overhead Vendor neutral, infrastructure-wide event aggregation and advanced correlation Asset classification, remediation workflow and 24x7 access to SecureWorks’ security experts On-demand security and compliance reports through the SecureWorks real-time client Portal Security Monitoring SecureWorks’ Security Monitoring Service provides 24x7x365 vigilance over your agency’s critical information assets. SecureWorks’ Security Analysts will monitor, analyze and respond to security events from security devices, network infrastructure, servers, databases, applications or any other critical information asset in real-time. Service features: Expert analysis by SecureWorks’ 100% GIAC certified team of Security Analysts Vendor neutral, infrastructure-wide coverage Real-time, 24x7 monitoring, correlation and incident response On-demand security and compliance reports through the SecureWorks real-time client Portal SecureWorks recommends the Security Monitoring service for all critical security or information assets that require 24x7x365 monitoring by experienced security professionals. This may include firewalls, IDS/IPS, VPNs, routers, web servers, databases, applications and any other high-value asset. SecureWorks can monitor virtually any security device or critical information asset and perform full correlation and analysis across the agency’s enterprise systems to detect threats to assets. Managed Network Intrusion Detection/Prevention SecureWorks provides 24x7x365 monitoring and full lifecycle management of your agency’s IDS/IPS infrastructure. SecureWorks provides proactive management and real-time security event monitoring and analysis across the Network Intrusion Prevention and Detection infrastructure. SecureWorks’ award-winning Managed Network Intrusion Prevention and Detection Service can support the agency’s current and future best-of-breed environment, as well as provide superior protection in a cost-effective technology and service bundle. This service is delivered in a co-managed fashion, where the agency’s IT security management team retains ownership and administrative access to the devices while SecureWorks performs all management and monitoring activities. Features of this service include: 24x7x365 real-time monitoring by 100% GIAC certified security experts Real-time blocking of malicious Internet activity before compromise Proactive administration, signature tuning and maintenance Countermeasure deployment based on SecureWorks’ industry-leading threat visibility On-demand security, board-level and compliance reports Managed Firewall SecureWorks provides 24x7x365 management and monitoring of your agency’s firewall and gateway appliance infrastructure. SecureWorks’ experts provide scoping, deployment, policy configuration and ongoing management of supported firewall devices. SecureWorks’ managed firewall and VPN services provide the 24x7 expertise needed to enhance the agency’s security posture, improve operational efficiency and reduce the costs associated with implementing and maintaining firewall and VPN devices. Managed Firewall service is delivered in a co-managed fashion where the agency’s IT security management team retains ownership and administrative rights to the devices. This service includes: Site assessment and firewall policy design Firewall installation, configuration and maintenance Total lifecycle management including performance and troubleshooting 24x7 firewall monitoring to detect known and unknown threats Concise easy to understand reporting Managed Host Intrusion Prevention SecureWorks’ Managed Host Intrusion Prevention Service protects your agency’s network from attacks that can damage applications, data, or the underlying operating system. This service delivers protection at the host level by blocking behavior that signals malicious activity. This service includes: Real-time behavior-based attack blocking Protection against attacks that bypass perimeter security Policy set management, automatic updates and all other maintenance 24x7x365 real-time monitoring and response Comprehensive reporting Vulnerability Scanning SecureWorks' Vulnerability Scanning Service identifies exposures and weak spots within your agency’s network through powerful internal and external scanning. As a client-driven service, IT security managers have full control of scanning parameters and scheduling through the SecureWorks Portal. Service features include: Internal and external scanning Scanning of all 65,000 ports (not just the first 16,000) Prioritized remediation and trending information On-demand security and compliance reports Threat Intelligence SecureWorks' Threat Intelligence delivers early warnings about emerging threats and actionable security intelligence tailored to your agency’s environment, providing more time to protect critical assets. The industry-leading SecureWorks CTU aggregates threats and vulnerabilities, accurately assesses severity levels and provides IT security managers with the steps needed to remediate these issues before they impact the agency’s IT environment. The threat intelligence service streamlines the vulnerability research and security intelligence process in order to provide clients with more time to protect their critical information assets. Service features include: Actionable information tailored to the agency’s environment Early warnings to emerging threats Clear, concise threat and vulnerability analyses Remediation information Unlimited consultation with SecureWorks’ industry recognized security researchers Purchasing Information Contact for all Federal agency and Contractor inquiries: Justin DuHaime Director, Business Development, Federal Government (202) 903-0088 jduhaime@secureworks.com