--- title: "SIEM / SOAR / TIP Technologies (Global)" ocid: "ocds-h6vhtk-03b2ff" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-h6vhtk-03b2ff" markdown_url: "https://d3tenders.com/contract/ocds-h6vhtk-03b2ff.md" json_url: "https://d3tenders.com/contract/ocds-h6vhtk-03b2ff.json" source: "Find A Tender Service" current_stage: "Tender" buyer: "NATIONAL GRID UK LIMITED" published: "2023-03-27" --- # SIEM / SOAR / TIP Technologies (Global) Buyer: NATIONAL GRID UK LIMITED Current stage: Tender OCID: ocds-h6vhtk-03b2ff [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-h6vhtk-03b2ff) [Download OCDS JSON](https://d3tenders.com/contract/ocds-h6vhtk-03b2ff.json) ## Summary The National Grid UK Limited is seeking a strategic partner to provide SIEM, SOAR, and TIP technologies for their Security Team. This tender opportunity comprises 3 lots, and interested parties can register their interest. Key dates include PIN Issued: 15th March 2023, PIN Closed: 7th April 2023, PQQ Issued: 17th April 2023, PQQ Closed: 5th May 2023, RFP Issued: 15th May 2023, RFP Closed: 9th June 2023, and Contract Award: 15th September 2023. The procurement stage is currently in the planning phase. This tender from National Grid UK Limited provides an opportunity for technology vendors specializing in security software packages to compete. Businesses offering SIEM, SOAR, and TIP technologies and services related to cybersecurity can benefit from participating in this tender. The tender process involves multiple lots, allowing vendors to bid for one or more categories based on their expertise. Eligible businesses must adhere to the outlined dates and guidelines to secure a chance to partner with National Grid UK Limited in delivering critical security solutions. ## Notice National Grid's Security Team is seeking to select a strategic partner to provide one or all of the below capabilities: * SIEM (Security Information and Event Management) * SOAR (Security Orchestration, Automation, and Response) * TIP (Threat Intelligence Platform) National Grid welcomes interested parties who lead in the above-listed areas to register their interest regarding this tender opportunity. Please note that this tender will consist of 3 lots. Suppliers may choose to bid for any number of lots. ### Lot Information SIEM (Security Information and Event Management)Technology National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below: SIEM * Comprehensive log collection - The SIEM solution should be able to collect logs from all relevant sources. This includes servers, databases, network devices, end user devices, and applications. * Alerting and Reporting - The SIEM solution should provide a catalog of alerts and reports out of the box that can be modified and tuned to meet the needs of National Gird. * Advanced Analytics - The SIEM solution should have advanced analytic capabilities such as behavioral analytics (UEBA) and machine learning to detect anomalous activity and potential threats. * Real-time (or near real-time) monitoring - The SIEM solution should be able to provide real-time monitoring to ensure security events are detected quickly. * Integration - The SIEM solution should integrate with other industry-standard security tools to provide a complete view of the internal security landscape. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. Additional information: Technical & Delivery Considerations Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available. SOAR (Security Orchestration, Automation and Response)Technology National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below: SOAR * Comprehensive integration - The SOAR solution should integrate with the internal and external tooling for automated enrichment and response * Automation - The SOAR solution should contain a repository of playbooks that can be used to accelerate the adoption of the platform * Case Management - The SOAR Platform should provide a centralized incident management console that allows for end-to-end incident management. * Analytics and reporting - The SOAR solution should provide advanced analytics and reporting allowing National Grid to track key metrics, identify trends and gain insights into security operations. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. Additional information: Technical & Delivery Considerations Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available. TIP (Threat Intelligence Platform)Technology National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below TIP * Comprehensive source integrations - The TIP should be able to take threat feeds from a variety of sources including open source and paid threat feeds, internal security tooling, and manual submissions from internal teams. * Advanced Analytics - The TIP solution should be able to analyse ingested threat data to identify patterns and trends, allowing National Grid to gain insights into the nature of threats targeting the organization. * Usability - The TIP solution should be user-friendly and initiative to configure and manage. * Reporting - The TIP solution should provide customizable dashboards and reports that allow users to drill down into specific data points. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. Additional information: Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available. ## Key Details | Field | Value | | --- | --- | | Publication source | Find A Tender Service | | Latest notice | https://www.find-tender.service.gov.uk/Notice/008770-2023 | | Notice type | Planning Notice | | Procurement type | Standard | | Procurement category | Goods | | Procurement method | Not Specified | | Procurement method details | Not specified | | Tender suitability | Not specified | | Awardee scale | Not specified | | All stages | Planning, Tender | ## Dates | Field | Value | | --- | --- | | Publication date | 27 Mar 2023 | | Submission deadline | 7 Apr 2023 | | Future notice date | 9 Apr 2023 | | Award date | Not specified | | Contract period | Not specified | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | £15,000,000 | | Lots value | Not specified | | Awards value | Not specified | | Contracts value | Not specified | ## Status | Field | Value | | --- | --- | | Tender status | Planned | | Lots status | Planned | | Awards status | Not specified | | Contracts status | Not specified | ## Buyer | Field | Value | | --- | --- | | Main buyer | NATIONAL GRID UK LIMITED | | Locality | LONDON | | Post town | Central London | | Postcode | WC2N 5EH | | Country | England | | ITL 1 | TLI London | | ITL 2 | TLI3 Inner London - West | | ITL 3 | TLI35 Westminster and City of London | | Local authority | Westminster | | Electoral ward | St James's | | Westminster constituency | Cities of London and Westminster | | Delivery location | Not specified | ## CPV Codes ### Divisions - 48 - Software package and information systems ### Codes - 48730000 - Security software package ## Release History - 27 Mar 2023 at 08:56 - TenderUpdate - Tender Notice - https://www.find-tender.service.gov.uk/Notice/008770-2023 - 15 Mar 2023 at 11:46 - Planning - Planning Notice - https://www.find-tender.service.gov.uk/Notice/007512-2023 ## Notice URLs - http://www.nationalgrid.com - https://www.achilles.com/community/uvdb/ ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-h6vhtk-03b2ff. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-h6vhtk-03b2ff.json.