VA-26-00050029 User and Entity Behavior Analytics (UEBA) Solution
Overview
Buyer
Place of Performance
NAICS
PSC
Set Aside
Original Source
Timeline
Qualification Details
Fit reasons
- NAICS alignment with historical contract wins in similar service areas.
- Scope strongly matches core technical capabilities and delivery model.
Risks
- Past performance thresholds may require one additional teaming partner.
- Potential clarification needed on staffing minimums before bid/no-bid.
Next steps
Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.
Quick Summary
The Department of Veterans Affairs (VA) is conducting market research through a Sources Sought notice to identify potential sources for a User and Entity Behavior Analytics (UEBA) Solution. This effort aims to enhance cybersecurity by detecting anomalies and suspicious activities within the VA's network. Responses are due March 13, 2026.
Scope of Work
The VA requires a Host-Based UEBA solution and comprehensive support services for its Office of Information & Technology (OIT), Office of Information Security (OIS), Cyber Security Operations Center (CSOC). The solution will include hardware, maintenance, software licenses, installation, and ongoing support. Key activities involve project management, technical services, implementation, and maintenance to analyze user, account, and host behaviors. The anticipated NAICS code is 541519.
Contract & Timeline
- Type: Sources Sought / Market Research
- Anticipated Contract Type: Firm-Fixed Price
- Anticipated Duration: One (1) 12-month Base Period and two (2) 12-month option periods, not to exceed 36 months total.
- Set-Aside: None specified (market research stage, small business status requested)
- Response Due: March 13, 2026, 12:00 PM CST
- Published: March 6, 2026
Key Information Requested from Responders
Interested firms should provide:
- Firm Name, Point of Contact (Name, Phone, Email)
- Unique Entity ID (UEI) and CAGE Code
- Small Business Status (e.g., SDB, 8(a), HUBZone, SDVOSB, WOSB)
- Authorized Reseller Letter (if applicable)
- Identified UEBA tool/solution being offered
- FedRamp certification level (or ability to obtain) and projected timeframe
Special Requirements
- Security: Compliance with FISMA, NIST, HSPD-12, FICAM, and VA Handbook 6500 series. Background investigations for personnel.
- Technical: Solution must support IPv6, Zero Trust Architecture, and integrate with existing VA security platforms (Splunk, SOAR, EDR, SIEM, IDPS). Must comply with VA Enterprise Architecture and Technical Reference Model.
- Deliverables: Include Contractor Project Management Plan (CPMP), Weekly Activity Reports (WAR), Weekly Work Breakout Schedules (WBS), Weekly Integrated Master Schedules (IMS), Quarterly Status Reports, Technical Kickoff Meeting deliverables, Enterprise Implementation of UAM Agents, UEBA Implementation Plan, Change and Configuration Management Plan, Test Reports, and a Comprehensive Disaster Recovery Plan.
- Place of Performance: Contractor facilities in the Contiguous United States (CONUS).
Additional Notes
This notice is for information and planning purposes only and does not constitute a Request for Quote (RFQ), Invitation for Bid (IFB), or Request for Proposal (RFP). It does not commit the VA to a future contract. The VA anticipates awarding to only one responsive, responsible contractor. Responses should be submitted via email to Marcela.Clark2@va.gov.