AI Tools for Application Security Scanning and Testing
ID: 24-68-A-PMO-OITAType: Sources Sought
Overview

Buyer

TREASURY, DEPARTMENT OF THEINTERNAL REVENUE SERVICENATIONAL OFFICE - PROCUREMENT OITANEW CARROLLTON, MD, 20706, USA

NAICS

Computer Systems Design Services (541512)

PSC

IT AND TELECOM - BUSINESS APPLICATION/APPLICATION DEVELOPMENT SUPPORT SERVICES (LABOR) (DA01)

Original Source

https://sam.gov/opp/df363d9bf6c64f128faa4986f5fa59e5/view
Timeline
    Description

    The Department of the Treasury, specifically the Internal Revenue Service (IRS), is seeking information regarding the capabilities of firms that can provide Artificial Intelligence (AI) and Machine Learning (ML)-based application security testing tools. The IRS aims to enhance its application security testing capabilities beyond existing tools such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) by integrating advanced functionalities that allow for real-time vulnerability identification, automated risk analysis, and support for the Continuous Authorization to Operate (cATO) process. This initiative is part of a broader governmental effort to strengthen cybersecurity measures across federal entities, ensuring compliance with federal mandates. Interested parties must submit their responses by October 2, 2024, and can direct inquiries to Tanya Outland at Tanya.E.Outland@irs.gov by September 23, 2024.

    Point(s) of Contact
    Tanya Outland
    Tanya.E.Outland@irs.gov
    Files
    Title
    Posted
    24-68-A-PMO-OITA RFI QA Document_9.18.2024.docx
    The Internal Revenue Service (IRS) is seeking to develop artificial intelligence tools specifically for application security scanning and testing. Interested parties are invited to submit questions regarding the request for proposals (RFP) by September 23, 2024. Responses to these inquiries will be published on SAM.GOV by September 25, 2024. The document includes a structured format for submitting questions and provides a deadline for responses, indicating an organized approach to addressing potential vendor concerns. This RFP emphasizes the IRS's focus on enhancing application security through advanced technology, which reflects broader governmental efforts to strengthen cybersecurity measures across federal entities. The emphasis on timely communication and transparency in the Q&A process underscores the IRS's commitment to fostering a collaborative environment with potential contractors.
    RFI_Response Template 24-68-A-PMO-OITA.xlsx
    The document details a Request for Information (RFI) from federal authorities seeking insights on AI and machine learning tools for application security scanning and testing. The RFI outlines the response process due by October 2, 2024, and is structured in two parts: Company Profile and Technical Capability. Key requirements include providing company details such as name, address, size, and socio-economic classification, along with information on subcontracting partnerships and active government contracts. The Technical Capability section requests descriptions of existing AI/ML tools, licensing information, past government contracts with relevant agency details, and system requirements for the tools. The RFI aims to gather comprehensive information to help define the IRS's requirements for a Continuous Automated Testing Operations (cATO) process, stressing the importance of specific application security testing classes like SAST, DAST, and others. The document underscores a focus on capabilities applicable to government needs, inviting companies to present potential solutions that enhance application security through advanced testing methodologies.
    RFI 24-68-A-PMO-OITA.docx
    The Internal Revenue Service (IRS) issued a Request for Information (RFI) seeking details about AI- and machine learning-based application security testing tools. This RFI intends to gather information for project planning and is not a solicitation for proposals. The IRS aims to enhance its application security testing capabilities beyond existing tools like Static and Dynamic Application Security Testing by integrating advanced AI functionalities for tasks such as real-time vulnerability identification and automated risk analysis. Key objectives include ensuring compatibility with existing systems, supporting the Continuous Authorization to Operate process, and automating security policy enforcement. Interested firms are invited to provide company profiles and specific capability details, ensuring no proprietary information is submitted. The RFI outlines the need for advanced security testing to comply with federal requirements and improve overall application security processes. Respondents must adhere to guidelines for submission, indicating their qualifications without the expectation of further communication. The process ultimately aims to inform potential future solicitations for enhanced application security solutions.
    Lifecycle
    Title
    Type
    AI Tools for Application Security Scanning and Testing
    Currently viewing
    Sources Sought
    Similar Opportunities
    Information Returns Modernization (IR Mod) IRIS/UI Application Development
    Active
    Treasury, Department Of The
    The Department of the Treasury, specifically the Internal Revenue Service (IRS), is seeking information from qualified contractors for the Information Returns Modernization (IR Mod) project, focusing on the development and maintenance of the Information Returns Intake Systems (IRIS) and its user interface (UI). The objective is to enhance the IRS's capabilities in processing nearly 100 types of information returns, with an expected annual volume of 7-10 billion returns, utilizing agile methodologies and DevSecOps practices, while incorporating Artificial Intelligence (AI) for improved efficiency in development and reporting. Interested parties must submit their responses to the Request for Information (RFI) by September 26, 2024, and can direct inquiries to Tanya Outland at Tanya.E.Outland@irs.gov. This initiative reflects the IRS's commitment to modernizing its information processing systems by 2030, ensuring compliance with legislative mandates and improving operational effectiveness.
    Cybersecurity, Architecture & Implementation, Technical Operations, Ops Projects & Cloud Svcs
    Active
    Treasury, Department Of The
    The Department of the Treasury, specifically the Internal Revenue Service (IRS), is seeking proposals for a contract focused on cybersecurity, architecture, implementation, technical operations, and cloud services. The procurement aims to acquire commercial off-the-shelf (COTS) software licenses and maintenance services, including products such as HPE Ezmeral, Ciphertrust, Elastic Search, and One Identity, to enhance the IRS's IT infrastructure and bolster its cybersecurity capabilities. This initiative is critical for safeguarding sensitive information against cyber threats and ensuring compliance with federal security regulations. Interested vendors must submit their quotes by 12:00 PM EST on September 20, 2024, and direct any inquiries to Vanessa Rodgers at vanessa.rodgers@irs.gov or JW Terry at jw.r.terry@irs.gov.
    Compliance Data Warehouse (CDW) Data and Analytics.
    Active
    Treasury, Department Of The
    The Department of the Treasury, specifically the Internal Revenue Service (IRS), is seeking contractor support for the Compliance Data Warehouse (CDW) Data and Analytics project. The primary objective is to enhance the CDW through advanced data analytics and management capabilities, which includes managing large datasets from various sources and transitioning mainframe data processes to modern analytics frameworks. This initiative is crucial for improving operational decision-making within the IRS by leveraging effective analytics. The solicitation (RFQ 8384) will be available on September 9, 2024, with a closing date set for September 20, 2024. Interested parties can contact Daffeney L. Wilson at daffeney.l.wilson@irs.gov or by phone at 210-841-2173 for further information.
    Business Master File (BMF) Legacy Business Processing, Requirements, and Subject Matter Expert (SME) Support
    Active
    Treasury, Department Of The
    The Department of the Treasury, through the Internal Revenue Service (IRS), is seeking qualified vendors to provide support for the Business Master File (BMF) Legacy Business Processing, Requirements, and Subject Matter Expert (SME) services as part of its modernization initiative. The primary objective is to enhance the IRS's IT infrastructure by converting legacy Assembler Language Code (ALC) to Java, developing tools for code analysis, and ensuring effective knowledge transfer while adhering to IRS guidelines. This modernization effort is crucial for establishing a centralized and secure BMF database, improving data quality and taxpayer services, and responding to legislative mandates. Interested vendors must submit their responses by October 2, 2024, and can direct inquiries to Tiffany Strickland at tiffany.s.strickland2@irs.gov.
    IRS Emergency Alert Notification System (EANS)
    Active
    Treasury, Department Of The
    The Department of the Treasury, through the Internal Revenue Service (IRS), is seeking information from qualified vendors regarding the provision of an Emergency Alert Notification System (EANS) to enhance communication for approximately 100,000 employees across 500 locations. The primary objective is to establish a cloud-based solution that facilitates mass notifications and ensures accountability during emergencies, with specific requirements for secure communication protocols, real-time tracking, and comprehensive reporting capabilities. This initiative underscores the IRS's commitment to maintaining an effective emergency communication framework, which is crucial for employee safety and organizational efficiency. Interested firms must submit their responses by 5:00 PM Eastern Time on September 25, 2024, to the designated contacts, Sandra R. Anderson and Shelley Broadnax, via the provided email addresses.
    Sources Sought Notice for IRS Customer Experience Research
    Active
    Treasury, Department Of The
    The Internal Revenue Service (IRS) is seeking contractors to support its Customer Experience Research initiative through a Blanket Purchase Agreement (BPA). The primary objective is to gather and analyze both quantitative and qualitative customer experience data using various market research methods, including surveys and focus groups, to enhance taxpayer service and compliance. This effort aligns with the IRS's mission to improve service quality and is critical for understanding taxpayer needs and expectations. Interested parties must submit their responses, including a capabilities statement and answers to specific questions, by 2:00 PM EDT on October 8, 2024, to Mathew Nelker at Mathew.Nelker@irs.gov. This notice serves as a preliminary market research tool and does not guarantee a formal solicitation or contract.
    Versaterm Laboratory Information Management System (LIMS)
    Active
    Treasury, Department Of The
    The Department of the Treasury, specifically the Internal Revenue Service (IRS), is seeking to award a Sole Source contract for the maintenance of the Versaterm Laboratory Information Management System (LIMS) to Versaterm Public Safety US Inc. This procurement involves a 12-month maintenance renewal for LIMS-plus v5, along with four additional options, due to the system's unique capabilities in case management, chain of custody tracking, and data organization, which have been customized over the past seven years to meet the specific needs of the IRS Criminal Investigation Center for Science and Design. The system is critical for facilitating collaboration with other agencies, such as the US Secret Service and Homeland Security Investigations, and there are no comparable products available in the market. Interested parties may seek further information by contacting Leatrice Person at leatrice.f.person@irs.gov or JW Terry at jw.r.terry@irs.gov, with responses due by September 25, 2024, for a performance period extending until September 24, 2029.
    IRS Digital Transformation Efforts
    Active
    Treasury, Department Of The
    Special Notice: Treasury, Department of the Internal Revenue Service (IRS) is planning to digitally transform its high priority, paper-based processes using Inflation Reduction Act (IRA) funding. This effort aims to improve efficiency and streamline operations. The IRS is seeking to apply this funding towards the procurement of services and solutions that will support its digital transformation efforts. The IRS has provided an overview of this initiative in an attached Informational Notice. For more information, please contact Michael Oliver at Michael.Oliver2@irs.gov or Rebecca Katz at rebecca.h.katz@irs.gov. The place of performance for this procurement is Lanham, MD, USA.
    Modernized E-File (MeF)
    Active
    Treasury, Department Of The
    Presolicitation notice from the Treasury Department of the Internal Revenue Service (IRS) is seeking a contractor for the Modernized E-File (MeF) project. MeF is a mission-critical and mature application that requires a large and highly skilled staff to support its complex and dynamic nature. The contractor must be able to handle a high level of change and meet strict deadlines. MeF is a large-scale complex system that provides electronic filing and payment options for various types of tax returns. It processes hundreds of transactions per second during peak filing periods and employs a diverse group of complex COTS products. The contractor will play a critical role in providing 24/7 coverage for the production environment throughout the filing season and must possess strong knowledge of the tax return processing flow and MeF interfaces. The project aims to provide an internet-based e-Filing platform for all IRS tax returns and extensions. MeF has been in production since 2004 and processes tens of millions of small and large returns each year.
    Notice of RFQ No. 2032H8-24-Q-00054 - IRS, Technical Integrations Support
    Active
    Treasury, Department Of The
    The Department of the Treasury, Internal Revenue Service (IRS), is issuing Request for Quotations (RFQ) No. 2032H8-24-Q-00054 for Technical Integrations Support Services, specifically targeting SBA-Certified Economically Disadvantaged Woman-Owned Small Business (EDWOSB) entities. The procurement aims to provide technical strategy, program management, and strategic communication support to enhance the IRS's IT solutions, with responsibilities including producing executive-level briefings, stakeholder engagement, and process efficiency analysis. This contract is crucial for the IRS's modernization efforts and is structured for a base period of one year, with an option for an additional year, performed at IRS facilities and the contractor's site. Interested parties must submit their proposals by September 23, 2024, and can direct inquiries to Mathew Nelker at Mathew.Nelker@irs.gov.