Zero Trust Automated Threat-Based Cyber Assessment Solutions
ID: ZTTBCA0001Type: Sources Sought
Overview

Buyer

DEPT OF DEFENSEWASHINGTON HEADQUARTERS SERVICES (WHS)WASHINGTON HEADQUARTERS SERVICESWASHINGTON, DC, 203011000, USA

Original Source

https://sam.gov/workspace/contract/opp/9bc1ce946aa648c1b2597929b8b7a08e/view
Timeline
    Description

    The Department of Defense, through the Washington Headquarters Services, is seeking information on automated Zero Trust Threat-Based Cyber Assessment (TBCA) solutions as part of a Request for Information (RFI). The objective is to transition from manual, compliance-based cybersecurity assessments to continuous, automated, and threat-based approaches that can emulate adversarial activities to assess Zero Trust implementations on both UNCLASSIFIED and SECRET networks. This initiative is crucial for validating adherence to the DoD Zero Trust Strategy, reducing assessment time and costs, and supporting continuous TBCA across various environments, including on-premises, cloud, and hybrid setups. Interested parties are invited to submit unclassified responses, limited to ten pages, electronically by 12 PM ET on February 10, 2026, to Leanne Condren at leanne.m.condren.civ@mail.mil.

    Point(s) of Contact
    Leanne Condren
    leanne.m.condren.civ@mail.mil
    Files
    Title
    Posted
    RFI_TBCA_Step 2 Feb 10.docx
    The Department of Defense (DoD) Chief Information Officer (CIO) Zero Trust Portfolio Management Office (ZT PfMO) has issued a Request for Information (RFI) seeking automated Zero Trust (ZT) Threat-Based Cyber Assessment (TBCA) solutions. This RFI is for market research purposes only and does not constitute a solicitation. The DoD aims to transition from manual, compliance-based cybersecurity assessments to continuous, automated, and threat-based approaches. The objective is to identify solutions that can emulate adversarial activities to assess ZT implementations on UNCLASSIFIED and SECRET networks, validate adherence to the DoD Zero Trust Strategy, reduce assessment time and costs, and support continuous TBCAs. The ZT PfMO is looking for solutions applicable across various environments (on-prem, cloud, hybrid) that can run within a Component's environment, be ready for production by Q2 FY26, and be procurable by DoD Components. Industry input is requested on strategies for onboarding, impact level access, threat frameworks, aid to cyber teams, replacement of manual assessments, existing government deployments, total cost of ownership, continuous analysis capabilities, assessment of Advanced level ZT activities, earliest deployment timeframe, and reporting capabilities. Responses, limited to ten pages, must be unclassified and submitted electronically by 12 PM ET on February 10, 2026.
    Lifecycle
    Title
    Type
    Zero Trust Automated Threat-Based Cyber Assessment Solutions
    Currently viewing
    Sources Sought
    Similar Opportunities
    Zero Trust RFI Artificial Intelligence
    Dept Of Defense
    The Department of Defense, through the Washington Headquarters Services, is issuing a Request for Information (RFI) focused on enhancing Zero Trust assessments using Artificial Intelligence (AI) and Machine Learning (ML). The objective is to gather insights on Commercial Off-the-Shelf platforms and services that can automate and scale Zero Trust Purple Team evaluations across both UNCLASSIFIED and SECRET networks, aiming to achieve Target Level Zero Trust by FY27. This initiative is critical for validating compliance with established Zero Trust activities and identifying limitations in current practices. Interested parties are invited to submit their responses, limited to ten pages, by 12 PM ET on February 9, 2026, to Leanne Condren at leanne.m.condren.civ@mail.mil.
    Protecting Army Modernization and Supply Chains- Commercial Solutions Opening (CSO)
    Dept Of Defense
    The Department of Defense, through the Army Contracting Command, is seeking innovative solutions to enhance cybersecurity within the Defense Industrial Base (DIB) as part of the Protecting Army Modernization and Supply Chains initiative. This opportunity invites proposals for automated cybersecurity measures that comply with critical standards such as NIST controls and Cybersecurity Maturity Model Certification (CMMC), aimed at supporting small businesses in mitigating cyber threats while ensuring the protection of intellectual property and secure access. The initiative is crucial for safeguarding defense technologies and ensuring the rapid delivery of military capabilities, with submissions accepted until March 6, 2030. Interested parties can contact the Army NCODE Team at usarmy.apg.acc.mbx.dc3oe-ncode-cso@army.mil for further information.
    NATO Request for Information: Innovation Continuum 2026
    Commerce, Department Of
    The Department of Commerce, through the Bureau of Industry and Security, has issued a Request for Information (RFI) titled "Innovation Continuum 2026" to engage with industry stakeholders regarding Emerging and Disruptive Technologies (EDTs) that can enhance NATO's Multi-Domain Operations (MDO) and Digital Transformation (DT) initiatives. The RFI outlines eight key themes, including AI Audacious Training, Layered Counter-UAS Initiative, and Cyber Resilience, aimed at fostering collaboration and identifying innovative solutions to advance NATO's military capabilities. Responses to this RFI are not a commitment to a future contract but are crucial for evaluating potential technological advancements; submissions are due by 5:00 pm EST on January 30, 2026, with questions accepted until January 16, 2026. Interested parties should direct all inquiries and responses to the designated Points of Contact listed in the RFI, referencing RFI-ACT-SACT-25-112.
    Microelectronics Request for Information
    Dept Of Defense
    The Defense Threat Reduction Agency (DTRA) is issuing a Request for Information (RFI) to identify innovative microelectronic materials that can achieve low size, weight, power, and cost (SWaP-C) for advanced sensor design. The RFI seeks information on the development of hybrid materials and semiconductors, including new or significantly improved 2D materials, flexible alternatives to traditional chips, and robust heat-resistant components, all aimed at enhancing functionality and performance in challenging environments. This initiative is crucial for supporting the Joint Program Executive Office for Chemical, Biological, Radiological, Nuclear Defense (JPEO-CBRND) and aims to revolutionize sensor technology for military applications. Interested parties must submit a 5-page white paper and a 10-slide PowerPoint presentation by January 26, 2026, at 1700 EST, and can direct inquiries to Dr. Jennifer Soliz at jennifer.r.soliz.civ@mail.mil.
    Request for Information (RFI) - ABMS Battlespace Command and Control Center (BC3) Software Capabilities to Cloud Base Command and Control (CBC2) Program
    Dept Of Defense
    The Department of Defense, specifically the Department of the Air Force, is conducting a Request for Information (RFI) to identify potential sources for providing software capabilities for the Advanced Battle Management System (ABMS) Battlespace Command and Control Center (BC3) as part of the Cloud Based Command and Control (CBC2) program. This initiative aims to develop a multi-user interface solution that supports rapid integration and scalability across the ABMS Enterprise, addressing critical capabilities for near-term operations, particularly in Homeland Air Defense and Tactical Operations. The BC3 software is essential for enhancing military command and control capabilities, contributing to the broader Joint All Domain Command and Control (JADC2) vision. Interested parties can reach out to Cahi Hardy at cahi.hardy@us.af.mil or by phone at 603-494-4495 for further information.
    Department of Defense Secure Access File Exchange Modernization
    Dept Of Defense
    The Department of Defense, through the Defense Information Systems Agency (DISA), is seeking information to modernize the Secure Access File Exchange (SAFE) system. The objective is to enhance the current file transfer system, which is accessible via the Non-classified Internet Protocol Router Network (NIPRNet), by addressing challenges related to performance, security, data loss prevention, integration, and usability. The modernized solution will aim to improve scalability, security with multi-factor authentication, increase file size capacity to 40GB, and provide user control over data retention. Interested parties are invited to submit a white paper by January 13, 2026, detailing their business capabilities, Rough Order of Magnitude (ROM) pricing, and responses to the technical requirements outlined in the Request for Information (RFI). Questions regarding the RFI must be submitted by January 6, 2026, with primary contact Korrina Taitano available at korrina.l.taitano.civ@mail.mil for further inquiries.
    Capacity as A Service (CaaS)
    Dept Of Defense
    The Department of Defense, specifically the Marine Corps Installations National Capital Region – Regional Contracting Office (MCINCR-RCO), is conducting market research to identify small business vendors capable of providing Capacity as a Service (CaaS) to support its Research, Development, Testing, and Evaluation (RDT&E) core infrastructure, laboratory environments, and data centers. The CaaS solution will involve the provision, installation, and maintenance of compute, networking, and storage hardware at designated government facilities, with a focus on modular, enterprise-grade performance and compliance with DoD security requirements. Interested vendors are invited to submit their responses to the Request for Information (RFI) by January 16, 2025, at 08:00 AM EST, and should direct their submissions to Kellie Holley and Kevin Guertin via email. This RFI is for informational purposes only and does not constitute a solicitation for offers.
    Request for Information: Over-the-Horizon Sensor (OTH-S)
    Dept Of Defense
    The Department of Defense, specifically the Department of the Navy, is seeking information regarding the Over-the-Horizon Sensor (OTH-S) as part of a Request for Information (RFI) issued by the Program Executive Officer Land Systems (PEO LS) Program Manager Intelligence and Cyberspace Operations (PM ICO). The objective of this RFI is to gather insights on advanced stage Technology Readiness Level (TRL) OTH-S technologies that can provide Maritime Domain Awareness (MDA) and Intelligence, Surveillance, and Reconnaissance (ISR) capabilities, particularly for detecting adversary surface targets at extended ranges. This initiative is crucial for enhancing the Marine Corps' operational capabilities without reliance on national or theater assets. Interested parties are encouraged to submit detailed responses showcasing their capabilities, with specific submission instructions outlined in the attached documents. For further inquiries, respondents may contact Brittney Moore at brittney.moore@usmc.mil or Morgan Carey at morgan.carey@usmc.mil.
    FA830726RB013 - Hashi-Corp RFI
    Dept Of Defense
    The Department of Defense, specifically the Air Force Life Cycle Management Center (AFLCMC), is issuing a Request for Information (RFI) regarding Hashi-Corp licenses and alternative software solutions aimed at enhancing the security and compliance of software development within the United States Air Force (USAF). The primary objective is to identify commercial software products and services that can facilitate the creation and maintenance of software threat models, secure code, and protected storage for sensitive information in a cloud environment. This initiative is critical for ensuring the security of Platform One (P1) systems and mitigating risks associated with unauthorized access to sensitive resources. Interested vendors are required to submit their responses using the provided Requirements Capability Sheet, detailing their software options, associated costs, and capabilities, with submissions directed to the Platform One License Management Team at aflcmc.hncx.p1licensemanagement@us.af.mil or to the Contracting Officer, Major Jamail Walker, at aflcmc.hnckp.platformonectr@us.af.mil. This RFI is for planning purposes only, and the government reserves the right to make no award.
    Request for Information - Cyber Defense and Intelligence Support Services (CDISS)
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the U.S. Immigration and Customs Enforcement (ICE), is seeking information through a Request for Information (RFI) regarding Cyber Defense and Intelligence Support Services (CDISS). The objective of this RFI is to gather insights to refine the acquisition strategy, assess potential contract vehicles, and solicit feedback on the draft Statement of Work (SOW) related to enhancing ICE's cybersecurity capabilities, including 24/7 monitoring, incident response, and compliance with federal regulations. This initiative is crucial for strengthening ICE's defenses against cybersecurity threats across a vast network of approximately 53,000 devices. Interested parties must submit their responses by January 9, 2025, at 12:00 PM Eastern Time, and can direct inquiries to Contract Specialist Justin Dudenhefer at justin.dudenhefer@ice.dhs.gov or Contracting Officer Pamela Rodgers at pamela.a.rodgers@ice.dhs.gov.