SAM #M9549426R0019

USMC Insider Threat Monitoring System Maintenance, Enhancement, and Expansion

The United States Marine Corps (USMC), under the Department of War, is seeking industry input and potential solutions for maintaining, enhancing, and expanding its Insider Threat Program Monitoring Tool across the Marine Corps Enterprise Network (MCEN). - Government Buyer: - Department of War (DoW), United States Marine Corps (USMC), Marine Corps Installations Command HQ - OEMs and Vendors Mentioned: - EverFox, LLC (incumbent OEM; proprietary software licenses anticipated) - Products and Services Requested: - Fielding, operation, enhancement, and sustainment of a comprehensive Insider Threat Monitoring System - User Activity Monitoring (UAM) Tool - Behavioral Analytics Platform (User and Entity Behavior Analytics/UEBA) - Case Management System - Next-Generation Firewall (NGFW) - Hardware, software, cybersecurity services, and system administration for up to 200,000 endpoints and 150 admin users - Network engineering and administration for Cisco switches - Hardware maintenance and repair (servers, switches, firewalls, storage, cabling) - Software administration and engineering support (NGFW, ESXi, Windows Server, RHEL, SQL Server, Elastic, PostgreSQL, Oracle) - Training (basic and advanced, virtual and in-person) - Technical documentation, user guides, and monthly status reports - Vulnerability management, patching, RMF lifecycle management, STIG compliance, and continuous monitoring - Unique or Notable Requirements: - Must support up to 200,000 endpoints and 150 administrative users - Solutions must be CNSSD 504 compliant and meet National Insider Threat Policy standards - Interoperability with Department of War, USMC, and Intelligence Community hardware/software baselines - Must operate as standalone capabilities (not bundled with unrelated tools) - Contractor personnel require TS/SCI clearance and cyber certifications - Respondents must clarify if they are the OEM, an authorized reseller for EverFox, LLC, or proposing a compliant alternative - Deliverables include RMF packages, ATO support, and compliance documentation - Work to be performed at government facilities in Arlington, VA, and Marine Corps bases/installations outside the National Capital Region

Description

This Sources Sought is for informational purposes only. This is not a Request for Proposal or Request for Quote. It does not constitute a solicitation and shall not be construed as a commitment by the Government. Responses in any form are not offers and the Government is under no obligation to award a contract as a result of this announcement. No funds are available to pay for preparation of responses to this announcement. Any information submitted by Respondents to this notice is strictly voluntary.

Description of Requirement

The United States Marine Corps (USMC) is seeking information from interested organizations on capabilities in the marketplace for the maintenance, enhancement, and expansion of the Insider Threat Program Monitoring Tool.

As part of the Marine Corps Insider Threat Program, there is a Monitoring Tool used to detect insider threats on the Marine Corps Enterprise Network (MCEN). The information compiled from these sources, integrated with information from various other sources (e.g., human resources, law enforcement, and counterintelligence) supports analysis and response to counter insider threats on the MCEN. This effort is specific to the monitoring tool application maintenance, capability enhancement, and expansion.

The Marine Corps Insider Threat Program’s Monitoring Tool is mostly fielded. The platform includes the following capabilities:

User Activity Monitoring (UAM) Behavioral Analytics Platform (User Behavior) Case Management System

To support the USMC Insider Threat Program, the contractor shall field the Behavioral Analytics Platform, operate, enhance, expand, and sustain a comprehensive Insider Threat Monitoring System.

2.0 NAICS

The anticipated North American Industrial Classification System (NAICS) code for this requirement is 541512, Computer Systems Design Services with a size standard of $34.0M in annual receipts.

3.0 Product Service Code (PSC)

The anticipated Product Service Code (PSC) DA10, IT and Telecom – Business Application/Application Development Software as a Service.

4.0 Current Contract

This requirement is a recompete effort currently performed under contract Number M9549421F0010.  The incumbent Contractor is: EVERFOX, LLC, CAGE Code: 029J2.

Feedback on the attached Draft PWS is encouraged.

5.0 Response Instructions:

Respondents are invited to review the Attach Draft Performance Work Statement and submit a brief capability statement that is no more than eight pages (not including cover page) and in no smaller than 11-point font. The capability statement shall address the following:

1. Company Profile

Name of Organization Unique Entity ID CAGE Code Tax Identification Number Physical and Website Address.

2. Two (2) Points of Contact

(POCs) with names, positions, email addresses, and telephone numbers

3. Business Size Standard

Indicate business size classification under NAICS 541512 (i.e., Large, Small Disadvantaged, Veteran, Women Owned, etc.)

4. Technical Capability

Provide a narrative describing Organization’s capability to meet/perform the requirements of the Draft PWS. Responses must include a detailed description of their current ability to field, operate, and sustain a comprehensive Insider Threat Monitoring System or a planned capability or an anticipated date this would be achieved. Interoperability and Compliance: Demonstrate the capability to seamlessly integrate with and maintain interoperability across existing Department of War (DoW), United States Marine Corps (USMC), and Intelligence Community (IC) hardware, software, and configuration baselines. Additionally, respondents must provide evidence that their solution is fully compliant with the minimum capability requirements and standards established in CNSSD 504, as well as the National Insider Threat Policy. Standalone Functionality: Detail how the proposed solution operates as a discrete, standalone capability. The capability must function independently and cannot be a byproduct of, or strictly reliant upon, a bundled suite of additive tools designed for multiple, distinct purposes. Proprietary Licensing / Authorized Reseller: The Government anticipates that this requirement necessitates proprietary software licenses from EverFox, LLC. Respondents must state whether they are the Original Equipment Manufacturer (OEM), an authorized reseller capable of providing the required EverFox, LLC licenses, or if they are proposing an alternative solution. If proposing an alternative, the respondent must provide clear technical data proving the alternative meets all aforementioned interoperability and compliance requirements without violating existing intellectual property rights or requiring excessive re-engineering.

5.  Relevant Experience

Summary of past and present performance on similar requirements Include dollar values and specify whether work was performed for the Government or non-federal entities, and whether that experience was performed as a Prime Contractor or Subcontractor

6. Feedback and Recommendations (not included in page limit)

Comments on the Draft PWS. Feedback on the proposed NAICS code, PSC selection, or contract type

Submission Deadline: All responses to this Notice shall be submitted via email no later than 29 May 2026 at 10:00 AM EST, to:

Ms. Makyla Clark (makyla.j.clark.civ@usmc.mil); and Mr. Ryan Brown (ryan.m.brown@usmc.mil).

Proprietary information and trade secrets, if any, must be clearly marked on all materials. All information received that is marked Proprietary will be handled accordingly. Please be advised that all submissions become Government property and will not be returned. All Government personnel reviewing Capabilities Statements will have signed Non-Disclosure Agreements and understand the obligations for proper use and protection from unauthorized disclosure of proprietary information as described at 41 U.S.C § 2102. The Government shall not be held liable for any damages incurred if proprietary information is not properly identified.

View original listing