The Defense Information Systems Agency (DISA) has issued a request for information (RFI) for a Host Based Security System (HBSS) Open Architecture Capability. “The goal of this RFI is to determine the feasibility of a future acquisition of an “Open Architecture” framework for host-based security solutions,” according to the announcement.
DISA is looking for an HBSS open architecture solution capability that is available to all vendors and capability developers, with the goal of creating a more competitive and level playing field for host-based security products.
“This would allow individual host-based security capabilities to be independently developed or acquired, but seamlessly integrated into an open framework with minimum to zero modification,” according to the announcement. “The Government envisions solutions taking the form of an existing architecture for system management; or host security with an unrestricted Application Program Interface (API) for integration; a set of standards for consolidated management of independent host security tools; an open source management framework; or any other solution that provides consolidated management of host security tools.”
Some of the critical requirements include: a common interface for installing and uninstalling, a “common interface for managing and applying security policies of security agents in a hierarchical architecture,” common mechanisms for host to server communication and reporting security results and use of industry-defined standards.