Insider Threat Monitoring Tool
Overview
Buyer
Place of Performance
NAICS
PSC
Set Aside
Original Source
Timeline
Qualification Details
Fit reasons
- NAICS alignment with historical contract wins in similar service areas.
- Scope strongly matches core technical capabilities and delivery model.
Risks
- Past performance thresholds may require one additional teaming partner.
- Potential clarification needed on staffing minimums before bid/no-bid.
Next steps
Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.
Quick Summary
The United States Marine Corps (USMC) has issued a Sources Sought for a recompete effort to identify industry capabilities for the Insider Threat Monitoring Tool. This market research aims to gather information on maintaining, enhancing, and expanding the existing tool used to detect insider threats on the Marine Corps Enterprise Network (MCEN). Responses are due by May 29, 2026, at 10:00 AM EST.
Purpose
This is an informational Sources Sought notice, not a Request for Proposal or Quote. The USMC seeks to understand market capabilities for the continued support and evolution of its Insider Threat Program Monitoring Tool. This effort is specific to application maintenance, capability enhancement, and expansion.
Scope of Work
The requirement involves fielding, operating, enhancing, expanding, and sustaining a comprehensive Insider Threat Monitoring System. The existing platform includes User Activity Monitoring (UAM), a Behavioral Analytics Platform, and a Case Management System. According to the Draft PWS, the contractor will provide full lifecycle technical support for a Protection Level 4 (PL4) commercial-off-the-shelf (COTS) Insider Threat Monitoring system. This includes provisioning hardware, software, application support, and Cybersecurity/Risk Management Framework (RMF) services, with continuous 24x7x365 monitoring for up to 200,000 endpoints. Excluded tasks are operational analysis of collected data, insider threat investigations, or law enforcement actions.
Contract Details
- Opportunity Type: Sources Sought (Market Research)
- Anticipated NAICS: 541512, Computer Systems Design Services (Size Standard: $34.0M)
- Anticipated PSC: DA10, IT and Telecom – Business Application/Application Development Software as a Service
- Current Contract: This is a recompete of contract M9549421F0010, currently performed by EVERFOX, LLC.
- Period of Performance (PWS): A base year (Sept 30, 2026 - Sept 29, 2027) with four 12-month option years.
- Place of Performance: Primarily Arlington, VA.
Response Requirements
Interested organizations should submit a capability statement, not exceeding eight pages (excluding cover page), in 11-point font. The statement must address:
- Company Profile (Name, UEI, CAGE, TIN, Address)
- Two Points of Contact
- Business Size Standard under NAICS 541512
- Technical Capability: Describe ability to field, operate, and sustain a comprehensive Insider Threat Monitoring System, including interoperability with DoW/USMC/IC systems, compliance with CNSSD 504 and National Insider Threat Policy, and standalone functionality.
- Proprietary Licensing: State if an OEM, authorized reseller for EverFox, LLC licenses, or proposing an alternative solution with technical data.
- Relevant Experience: Summary of past/present performance on similar requirements (dollar values, Gov/non-fed, Prime/Sub). Feedback on the Draft PWS, proposed NAICS, PSC, or contract type is also encouraged.
Special Requirements
Contractor personnel will require TS/SCI clearance, MCEN privileged user training/certification, and must execute an NDA. A final favorable T5 investigation and DoD 8140 certification are required at award. The system must achieve an Authority to Operate (ATO) prior to production implementation.
Submission Details
- Response Due: May 29, 2026, 10:00 AM EST
- Submit To: Ms. Makyla Clark (makyla.j.clark.civ@usmc.mil) and Mr. Ryan Brown (ryan.m.brown@usmc.mil).