Veterans Affairs Department Seeking Software for Determining Data Leaked from Shady Web

The Veterans Affairs Department has issued a request to provide details about commercial software which will hunt exploited data of the agency by any shady website. Within one notice published on FedBizOpps last Thursday, the department expressed its interest in certain technology which would utilize a data hash for encrypted data alternatively some pattern matching program for scouring the grey Web to find any VA-sourced data as well as reporting those findings to the agency.

Original requirement of VA is software which will merge with the present applications and network of the department while simultaneously fulfill the IT security policies of the agency. Usual kind of Web-scouring software works via any server and doesn't have specific requirements. Scanners put to search the shady Web require operating through 12P protocols and Tor technology. Besides, data from grey Web unload forums/portals that frequently alter their URLs; therefore it's necessary that the software automatically finds new links alternatively presents vibrant grey Web domains for scrutiny.

The software should pick VA data followed with creating certain hash that's one-way encrypted alternatively creating a pattern matching system out of that data to ensure neither any source without affiliation to VA else not working with the agency, nor any vendor can utilize and/or find out that data to use it for any reason except the current exercise. Clearly, VA doesn't wish that any intermediate contractor gains admission into its data, however, just utilizes file-hashes to determine exposed data. Softpedia.com posted this, May 15, 2016.

Veterans Affairs' requirement is one good dashboard thereby letting its staff utilize the software devoid of knowing how to determine exposed department data. The software should manage in telling whether personal information of an erstwhile military member slipped out from any other source, for instance OPM.

Additionally, there must be security measures incorporated into the software such that no outside attacker can leverage the program for viewing existing department computers. Further, the software must safeguard protected health or personally identifiable information from hacks.

The department isn't seeking software which would run only on special servers for that would entail extra costs the United States government seeks towards reducing.

» SPAMfighter News - 5/20/2016