The purpose of this cooperative agreement is to apply the usage of automation to enhance and speed the evaluation of threat Indicators of Compromise (IOC) at the state and local government levels.

In addition, the pilot will identify key areas for potential reduction of manual tasks by humans

credit: Wikimedia Commons via Flickr

How's Your Community Doing?
Check Out it's
Community Vital Signs

and actionable information sharing across enterprises and SLTT.

The pilot will also identify orchestration services needed to integrate the activities of sensing, understanding, decision-making, and acting.

The grant recipient may select up to five states and/or localities to participate in the pilot project.

The pilot project will focus on developing model processes, methods, and accompanying policies and procedures that can be applied by SLTT to accomplish the following:
Action upon IOCs within minutes of receipt.

Reduce time spent on repetitive tasks.

Provide generation, enrichment and scoring of IOCs.

Receipt, remediation and response to IOCs.

Demonstrate the use of Security Orchestration, Automation, and Response (SOAR) operational procedures and capabilities combined with information sharing to make data more actionable and enable consistent execution at and across SLTT levels.

Development of repeatable processes for orchestration and automation services that bridge existing SLTT policies with SOAR capabilities.