Network Operations Security Software
Location:
Michigan, United States
Posted on:
Deadline:
Summary:
Michigan seeks a one-year contract for comprehensive network operations and security software, including EDR and SIEM solutions, supporting 24/7 managed detection, response, and threat intelligence integration.
The client seeks a vendor to provide comprehensive network operations and security operations center (NOC/SOC) software solutions, such as CrowdStrike or an approved equivalent, focused on enterprise Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) licensing. The software must enable real-time detection, prevention, and automated remediation of endpoint threats; correlate network, user, and endpoint events to identify advanced persistent threats; and maintain 24/7/365 monitoring, alerting, and incident response within a hybrid IT environment.
The selected solution must support rapid deployment through a proof-of-concept and phased rollout, deploy cloud-native endpoint protection agents across both Windows and Linux environments, and provide scalable, cloud-hosted SIEM to handle millions of events per day. The system should enrich logs with threat intelligence feeds and incorporate behavior-based detection, machine learning, and rollback remediation features, with an API-first design for telemetry export, policy automation, and vulnerability scanning.
Additional requirements include real-time host isolation, scripted remediation, integration with ticketing systems, managed threat hunting with custom query capabilities, ingestion of logs from various sources, and support for compliance reporting (e.g., PCI DSS, FTA). The platform should integrate seamlessly with the endpoint protection system, support automation of containment actions, and enable dashboarding as well as scheduled and ad-hoc API reporting. The contract period is one year.
Best-fit vendors:
• Proven expertise in delivering enterprise-level EDR and SIEM software solutions
• Experience supporting 24/7/365 NOC/SOC environments in hybrid IT infrastructures
• Certified vendors for recognized security platforms such as CrowdStrike
• Ability to support rapid, phased rollouts, and proof-of-concept demonstrations
• Strong track record with managed threat hunting and cloud-native security implementations
