State Department Needs a Tool to Scan Its Worldwide Network for Vulnerabilities

State Department Needs a Tool to Scan Its Worldwide Network for Vulnerabilities

The State Department wants to make sure its security officials can keep up with vulnerabilities in its networks—an amalgam of sensitive and classified networks, hosted on-prem and in the cloud, in the U.S. and abroad—and is rethinking its Enterprise Vulnerability Scanning Solution in a new contract.

“The DOS Cyber Protection program requires the capability to rapidly scan, assess and report on the security posture of the department’s networks,” according to a draft performance work statement posted to “The department needs a solution that will provide analysis, monitoring, reporting, configuration, as well as policy and device management.”

In doing so, State is looking for a “lifecycle refresh” for its existing scanning program.

The new EVSS must be able to scan and report on a variety of infrastructure, platforms and software, segregated across varying clearance and sensitivity levels, in domestic offices and data centers and across the globe at all State Department embassies and posts. All told, the tool must be able to scan approximately 250,000 endpoints.

The department is looking for a full-service tool that can scan all of its disparate systems to identify cybersecurity weaknesses, map those to vulnerabilities recorded in the Common Vulnerabilities and Exposures library when appropriate, and produce a feed with real-time information, including “current, emerging and historical vulnerabilities and threats.”

That information must then be fed to security personnel for action, and the solution must be able to assign appropriate roles and restrictions to ensure sensitive vulnerability data goes to the right people.

Along with the data feed, security personnel must be able to run assessment reports on individual systems with customiza ..

Support the originator by clicking the read the rest link below.