Technology Selection List.xlsx

	A	B	C	D	E	F	G	H	I	J	K	L	M	Q	R	S	T	U	V
1	Technology	Specific Product Selected	Owned / Managed by Function?	Using Another Function's Technology? (If Yes, Cite Function)	Outsourced?	Oursource Partner?	Estimated Purchase Price	Estimated Annual Support and Maintenance Percentage	Estimated Annual Support / Maintenance Annual Increase	Year 1 Annual Maintenance Cost	Year 2 Annual Maintenance Cost	Year 3 Annual Maintenance Cost

2	Command Center
3	Telephone System	Outsourced	Yes		Yes		$50,000.00	30%	5%	$15,000.00	$17,500.00	$20,000.00		No	Yes
4	Servers to Convey System State	Two servers with LAMP			No		$5,000.00	25%	5%	$1,250.00	$1,500.00	$1,750.00		Command Center	Network Security Monitoring	Threat Intel	Incident Response	Forensics	Self-Assessment
5	Encryption for Communication	S/MIME certs using external CA					$3,000.00	20%	10%	$600.00	$900.00	$1,200.00
6	Ticket Tracking System	CyberCPR					$35,000.00	35%	5%	$12,250.00	$14,000.00	$15,750.00
7	SIEM		No	Network Security Monitoring						$0.00	$0.00	$0.00
8	Availability Monitoring	What's Up					$5,000.00	20%		$1,000.00	$1,000.00	$1,000.00
9	Performance Monitoring	What's Up					$5,000.00	25%		$1,250.00	$1,250.00	$1,250.00
10	External Threat Feeds		No	Threat Intel						$0.00	$0.00	$0.00
11	Network Security Monitoring
12	SIEM	Splunk					$200,000.00	30%	5%	$60,000.00	$70,000.00	$80,000.00
13	NIDS	Security Onion					$15,000.00	20%	5%	$3,000.00	$3,750.00	$4,500.00	Note: for hardware
14	NIPS	n/a							5%	$0.00	$0.00	$0.00
15	HIDS	Widows Event Logs								$0.00	$0.00	$0.00
16	EPS									$0.00	$0.00	$0.00
17	HIPS	CarbonBlack					$35,000.00	20%	5%	$7,000.00	$8,750.00	$10,500.00
18	Host Event Logs	Windows Event Logs							25%	$0.00	$0.00	$0.00
19	Network Infrastructure Logs	Splunk (existing)							5%	$0.00	$0.00	$0.00
20	Application Logs	Splunk (existing)							30%	$0.00	$0.00	$0.00
21	Honeypots	ADHD							10%	$0.00	$0.00	$0.00
22	Wi-Fi IDS (WIDS)	Kismet					$3,000.00	0%	5%	$0.00	$150.00	$300.00	Hardware
23	Wi-Fi Scanning		Yes	Self-Assessment						$0.00	$0.00	$0.00
24	Malware Detonation Devices	Cuckoo Sandbox								$0.00	$0.00	$0.00
25	Full Packet Capture (PCAP)	Security Onion								$0.00	$0.00	$0.00
26	Test Systems	Repurposed hardware							20%	$0.00	$0.00	$0.00
27	Development Systems for NIDS, etc.	Spare hardware							25%	$0.00	$0.00	$0.00
28	Log Archive	Spare hardware / Postgresql					$2,000.00	5%	5%	$100.00	$200.00	$300.00	Hard drives for expansion and backup
29	Threat Intelligence
30	SIEM		Yes	Network Security Monitoring						$0.00	$0.00	$0.00
31	Logs		Yes	Network Security Monitoring						$0.00	$0.00	$0.00
32	NIDS		Yes	Network Security Monitoring						$0.00	$0.00	$0.00
33	External Threat Feeds	ThreatConnect					$20,000.00	25%	5%	$5,000.00	$6,000.00	$7,000.00
34	Business Partner Info Exchange Platform	ad hoc								$0.00	$0.00	$0.00
35	Indicator of Compromise Collection	Internal Hardware, custom code					$8,000.00	30%		$2,400.00	$2,400.00	$2,400.00
36	Intelligence Development Environment	Repurposed hardware								$0.00	$0.00	$0.00
37	Threat Intelligence Portal	ad hoc								$0.00	$0.00	$0.00
38	Correlation / Mapping / Relationship Development	Maltego					$5,000.00	35%	5%	$1,750.00	$2,000.00	$2,250.00
39	Incident Response
40	Network Collection of Memory	GRR					$5,000.00	20%	5%	$1,000.00	$1,250.00	$1,500.00	Hardware
41	Network Collection of Host File System	n/a								$0.00	$0.00	$0.00
42	Local Collection of Memory	Thumb drives with winpmem					$500.00	0%	5%	$0.00	$25.00	$50.00
43	Local Collection of Host	SIFT Kit								$0.00	$0.00	$0.00
44	Hardware write blockers (potentially enumerate all drive types)	Tableau					$1,500.00	10%	5%	$150.00	$225.00	$300.00
45	Key Escrow for Full Disk Encryption	n/a								$0.00	$0.00	$0.00
46	Mobile Device Collection	Santoku					$1,000.00			$0.00	$0.00	$0.00	hardware
47	Examination Workstations	Repurposed hardware								$0.00	$0.00	$0.00
48	Forensic Software - Workstation/ Server	SIFT Kit								$0.00	$0.00	$0.00
49	Forensic Software - Mobile	SIFT Kit								$0.00	$0.00	$0.00
50	Forensic Software - Cloud	SIFT Kit								$0.00	$0.00	$0.00
51	Dedicated Artifact Storage	A bunch of disks					$5,000.00	5%	10%	$250.00	$750.00	$1,250.00
52	Secure Room	leased space from internal business								$0.00	$0.00	$0.00
53	Safe						$500.00			$0.00	$0.00	$0.00
54	Shredder						$1,000.00			$0.00	$0.00	$0.00
55	Crusher	Outsourced, as needed			Yes	Iron Mountain	$500.00			$0.00	$0.00	$0.00
56	Forensics - Host Based
57	Network Collection of Memory		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
58	Network Collection of Host File System		Yes	Incident Response	Yes	Retainer for all forensic analysis	$100,000.00	10%	10%	$10,000.00	$20,000.00	$30,000.00
59	Local Collection of Memory		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
60	Local Collection of Host		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
61	Hardware write blockers (potentially enumerate all drive types)		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
62	Key Escrow for Full Disk Encryption		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
63	Mobile Device Collection		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
64	Examination Workstations		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
65	Forensic Software - Workstation/ Server		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
66	Forensic Software - Mobile		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
67	Forensic Software - Cloud		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
68	IOC Collection Servers / Information Access		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
69	Network IDS		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
70	Log Access - real time		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
71	Log Access - archival		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
72	Host IDS		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
73	Host Event Logs		Yes	Incident Response	Yes					$0.00	$0.00	$0.00
74	Forensics - Network Based
75	Examination Workstations					As above, retainer for all forensic analysis				$0.00	$0.00	$0.00
76	Network Log Access									$0.00	$0.00	$0.00
77	Full Packet Capture (PCAP)									$0.00	$0.00	$0.00
78	Modeling / Testing									$0.00	$0.00	$0.00
79	Storage and Retention Capability									$0.00	$0.00	$0.00
80	Network IDS									$0.00	$0.00	$0.00
81	Forensic Software - Cloud									$0.00	$0.00	$0.00
82	IOC Collection Servers / Information Access									$0.00	$0.00	$0.00
83	Log Access - real time									$0.00	$0.00	$0.00
84	Log Access - archival									$0.00	$0.00	$0.00
85	Forensics - Reverse Engineering
86	Disassemblers					As above, retainer for all forensic analysis				$0.00	$0.00	$0.00
87	Debuggers									$0.00	$0.00	$0.00
88	Sandboxes									$0.00	$0.00	$0.00
89	Malware Detonation Devices									$0.00	$0.00	$0.00
90	Modeling / Testing									$0.00	$0.00	$0.00
91	Non-attributable network connections									$0.00	$0.00	$0.00
92	Research Network									$0.00	$0.00	$0.00
93	Honeypots									$0.00	$0.00	$0.00
94	Forensics - eDiscovery
95	Network Agents for Host Based Collection	n/a								$0.00	$0.00	$0.00
96	Backup Inventory	tape library								$0.00	$0.00	$0.00
97	Key Word Search / Selection	n/a								$0.00	$0.00	$0.00
98	User Activity Collection	Windows Event Logs	No	Network Security Monitoring						$0.00	$0.00	$0.00
99	Host based information collection capability									$0.00	$0.00	$0.00
100	Self-Assessment - Configuration Monitoring