Procurement vehicles | Raven IT Services

In order to balance the need for open, competitive opportunity with the demands for urgent specialized situations, alternative procurement practices and vehicles have been created for government use. To facilitate the procurement process for our valued clients, Raven IT Services, through association with its partners, has access to the following procurement vehicles:

Software Licensing Supply Arrangement (SLSA)

The SLSA procurement vehicle addresses the delivery of various commercial software licenses and related commercial software maintenance and support, as required by Canada, in support of its various programs, operational needs and projects. Raven IT Services has access to the following solutions on the SLSA:

Based on a unique system-analysis technology, Stormshield is the only solution that provides proven protection against targeted attacks and APT even when unknown. Entirely invisible to users and well suited to large-scale deployments, Stormshield federates, in a single agent, all the security services required for the protection of computers and servers, from monitoring peripheral devices to hard disk encryption. Stormshield delivers protection to all risks faced by laptop and desktop computers: vulnerabilities, known and unknown attacks, inappropriate usage of applications, unauthorized connections, theft of critical data. Stormshield distinguishes itself from other solutions by its truly unique HIPS, able to proactively block even the most sophisticated targeted attacks. Even when used in the most demanding environments, Stormshield delivers an unparalleled level of security, whilst remaining completely invisible to users.

Stormshield Data Security allows controlling the confidentiality of sensitive information while enjoying the advantages of cloud-based collaboration in today’s mobile world. This security solution o­ffers end-to-end encrypted security in exchanges and collaboration. The identification of users and verification of their security keys through the solution in the trusted zone guarantees their authentication.

The unique Stormshield Data Security tool’s main features include:

Control over data

  • Seamless encryption of local or shared folders
  • Automated encryption
  • Integration with mail clients for electronic mail signature and confidentiality
  • Security of data shared confidentially between internal and external collaborators
  • Confidentiality of data contained in a virtual volume

Authentication and destruction

  • Sign any type of file
  • Help provided for digitizing administrative and sales procedures
  • Secure and irreversible deletion of files and folders

Centralized administration

  • Manage security policies

Nexpose vulnerability management software, proactively scans your environment for misconfigurations, vulnerabilities, and malware and provides guidance for mitigating risks. Experience the power of Nexpose vulnerability management solutions by:

  • Knowing the security risk of your entire IT environment including networks, operating systems, web applications and databases.
  • Exposing security threats including vulnerabilities, misconfigurations and malware.
  • Prioritizing threats and getting specific remediation guidance for each issue.
  • Integrating with Metasploit to validate security risk in your environment.

Metasploit penetration testing software gives  a clear view as to what vulnerabilities can easily be exploited within your environment so you can focus on the most critical vulnerabilities.

  • Safely simulate attacks on your network to uncover pressing security issues.
  • Use with Nexpose to assess and validate security risks in your environment.
  • Verify your defenses, security controls and mitigation efforts.
  • Manage phishing exposure, and audit web applications.

Mobilisafe is the only mobile risk management solution that automatically performs a mobile risk assessment of all the devices in your organization and provides easy-to-use tools to eliminate these risks. The mobile ecosystem is complex and software updates require coordination between handset manufacturers, OS vendors and carriers, and can take months to deploy, creating large windows of risk. If you are looking to gain an overall view of your mobile threat landscape you should perform a mobile risk assessment to get a clear view as to what risks need to be eliminated to maintain company security. In order to achieve this, you need a mobile risk management solution like Mobilisafe.

ControlsInsight is a security solution that centralizes critical controls information to provide a complete picture of how well an organization is protected against the threats most likely to affect them. Supported by leading security experts and industry best practices, Rapid7 has developed and patented an intelligent model relating today’s threat landscape to the effectiveness of compensating controls. Controls Insight applies this model to an organization’s environment to prioritize actions for the greatest progress towards improving endpoint security, with step-by-step guidance for easy implementation.

Only Rapid7 UserInsight provides visibility into user activity across on-premise, cloud and mobile environments. Traditional monitoring tools have focused on monitoring traffic between assets within the firewall but this paradigm is failing as more activity occurs outside the perimeter in cloud services or on user-supplied devices. In addition to tracking activity on traditional sources such as the firewall and web proxy, UserInsight deeply integrates with ActiveSync to monitor mobile devices and key cloud services such as SalesForce and Box. This means that you get visibility when users are accessing corporate resources even if they’re not on a corporate network or are using their own devices.

Manage any Windows desktop, physical or virtual, across multiple devices, locations and delivery mechanisms with AppSense’s DesktopNow Suite. AppSense seamlessly spans physical and virtual desktops managing all aspects of the user, independent of the desktop.

The DesktopNow Suite enables you to deliver the fastest, easiest and lowest cost desktop ever to your users. With user abstraction, operating systems and applications can be seamlessly managed, delivered and upgraded independently of user settings and data.  This significantly reduces operational costs, streamlines desktop management and ensures a seamless user experience across all platforms, all without compromising IT security.

AppSense DataNow enables simple, secure access, sync and sharing of files from any device, while also helping you get more out of the storage you already have. Their unique data broker, delivered as a turn-key virtual appliance, integrates simply with your existing Active Directory and on-premises storage locations such as file servers and Microsoft SharePoint. DataNow puts IT teams in complete control over where files are stored and provides granular policy control over how data is accessed.

AppSense is the leading provider of User Environment Management solutions. AppSense user virtualization technology allows IT to deliver unprecedented user productivity while securing and simplifying workspace management at scale across physical, virtual, and cloud-delivered desktops. The AppSense Platform, which includes the Environment Manager, the Application Manager and the Performance Manager, has been deployed to over 7.5 million endpoints.

Bromium is re-inventing enterprise security with its powerful new technology, micro-virtualization, which was designed to protect businesses from advanced malware by design, while simultaneously empowering users and delivering real-time threat intelligence to IT. Unlike traditional security methods, which rely on complex and ineffective detection techniques, Bromium protects against malware from the Web, email or USB devices, by automatically isolating each user-task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource.

Elastic is a search company that powers three solutions built on one powerful stack: the Elastic Stack. Deploy them anywhere (from the cloud to bare metal) to instantly find actionable insights from any type of data. As the creators of the Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), Elastic builds self-managed and SaaS offerings that make data usable in real-time and at scale for use cases like application search, site search, enterprise search, logging, APM, metrics, security, business analytics, and many more.

Elastic Stack

Some of the world’s largest organizations use the Elastic Stack to stay ahead of threats. Elasticsearch, Kibana, Beats, and Logstash, also known as the ELK Stack, reliably and securely take data from any source, in any format, then search analyze and visualize it in real time.

Elastic SIEM

Secure and streamline your organization with Elastic SIEM and Elastic Endpoint Security. SIEM is now better than ever, with a network of host data integrations, shareable analytics based on Elastic Common Schema (ECS), and an interactive workspace to triage events and perform investigations.

Elastic Endpoint Security

Elastic Endpoint Security is the only endpoint protection product to fully combine prevention, detection, and response into a single, autonomous agent. It’s easy to use, built for speed, and stops threats at the earliest stages of attack. By integrating endpoint security and SIEM, Elastic Security provides prevention, collection, detection, and response capabilities for unified protection across your infrastructure. Built on the Elastic Stack and powered by the open source community, Elastic Security equips security practitioners to protect their organizations.

BlueCat Networks is a leading provider of smart, simple, scalable IP Address Management (IPAM) solutions. With tightly-integrated IP core services, their software solutions give organizations the power to centrally manage “everything IP” in their network from a single pane of glass. The result is a dynamic network that is more resilient, cost effective and easier to manage.

The BlueCat IPAM IPv6-ready platform is the only IPAM solution that delivers a unified approach to mobile security, address management, automation and self-service.

Organisations rely on the Anomali Threat Platform to detect threats, understand the adversary, and respond effectively. Anomali arms security teams with machine learning optimised threat intelligence and identifies hidden threats targeting their environments. Anomali enables organisations to collaborate and share threat information among trusted communities and is the most widely adopted platform for ISACs worldwide.

Anomali ThreatStream aggregates threat intelligence under one platform, providing an integrated set of tools to support fast, efficient investigations, and delivering “operationalized” threat intelligence into security controls at machine speed.

Anomali Match uses all available intelligence and telemetry to deliver comprehensive threat detection at machine speed. You get faster Mean Time to Detection, reduced cost of security incidents, and more efficient security operations.

Anomali Lens uses Natural Language Processing (NLP) to automatically scan and identify threat data in any web-based content, reducing the time required to research and understand threats.

D3 Security’s Security Orchestration, Automation, and Response (SOAR) Platform is the foundation of the world’s most advanced security operations. The automated incident response and case management solution enables full-lifecycle incident management, relieving the pressure on analysts and SOCs, while helping organizations to rapidly remediate incidents and generate a comprehensive log of incidents and actions taken.

D3 integrates with an organization’s entire security infrastructure to intake alerts from SIEM, endpoints, firewalls, and other tools. All alerts are automatically enriched with contextual data from domain, reputation, malware, endpoint, and threat intelligence sources.

D3 excels at automated report capture, which supports the need for compliance and ensures that all actions are documented and will stand up in a court of law. Without a SOAR platform, the reporting and logging necessary to create a proper audit trail of an investigation is nearly impossible.

D3 has been a trusted partner to US manufacturers since 1999, and we will continue to partner with those that demand the best.

The ServiceNow Platform serves as the back bone for Digital Transformation, by providing a single secure common service layer in the enterprise connecting IT, AI , ML , Security, HR, Customer Care and other business units through Intelligent Applications.

Built on the Now Platform, their product portfolio delivers the IT, Employee, and Customer Workflows that matter—with enterprise solutions to help drive every part of your digital transformation. In turn, this allows you to:

  • Create the great experiences you want and unlock the productivity you need.
  • Transform the IT experience with digital workflows that make everyday work fast, easy, and productive. Deliver high‑performance business services with visibility and AIOps. And respond faster to security incidents, vulnerabilities, and enterprise risk.
  • Help employees get what they need, when they need it with Employee Workflows, so work happens smoothly across siloed systems and departments. Start reimagining ways to deliver a next generation employee experience and unlock enterprise‑wide productivity.
  • Your business depends on great customer service, so give them the fast, simple, and easy experiences they deserve with Customer Workflows. Now’s the time to delight customers with proactive service from issue to resolution.
  • Simplify the complexity of work on a single, enterprise cloud platform.
  • The Now Platform is an intelligent and intuitive cloud platform for work.
  • Get native platform intelligence, so you can predict, prioritize, and proactively manage the work that matters most. Deliver intuitive experiences, so you can work in ways that work best for you.
  • The Now Platform is an ecosystem built for your Digital Transformation Journey.

Alsid is a cybersecurity vendor specializing in defending the common denominator of most attacks we see in the wild: Active Directory (AD) infrastructures. As a fully-automated cloud solution, Alsid for Active Directory (AD) provides users with step-by-step, tailored recommendations for hardening their AD, a real-time attack detection engine, as well as capabilities for investigating AD breaches when they unfortunately occur. 

Whether in the cloud or on-prem, Alsid is easy to deploy and operate–no specialized security knowledge required.
Founded by former ANSSI technical experts, Alsid is protecting over 3 million users across 4 continents to help safeguard against advanced attacks. With the numerous recent attacks exploiting Active Directory weaknesses, it’s time to care about your AD security.

The Exabeam Security Intelligence Platform provides organizations of all sizes with end-to-end detection, analytics, and response capabilities from a single security management and operations platform.  Exabeam SIP includes Exabeam Log Manager, a modern log management system, built on top of ElasticSearch to provide unlimited data ingestion at a predictable, cost effective price. Exabeam SIP detects complex, multi-stage threats using the analytics capabilities of Exabeam Advanced Analytics; the world’s most deployed User and Entity Behavior Analytics (UEBA) solution. Finally, Exabeam SIP improves incident response efficiency with Exabeam Incident Responder, an API based security orchestration and automation solution. 

Tufin simplifies management of some of the largest, most complex networks in the world, consisting of thousands of firewall and network devices and emerging hybrid cloud infrastructures. Enterprises select the company’s Tufin Orchestration Suite™ to increase agility in the face of ever-changing business demands while maintaining a robust security posture. The Suite reduces the attack surface and meets the need for greater visibility into secure and reliable application connectivity. With over 2000 customers since its inception, Tufin’s network security automation enables enterprises to implement changes in minutes instead of days, while improving their security posture and business agility.

ZeroFOX, the global category leader in Digital Risk Protection, safeguards modern organizations from dynamic security risks across the public attack surface including social media, mobile application, surface, deep and dark web, email and domains, and digital collaboration platforms. With complete global coverage and an artificial intelligence-based analysis engine, the ZeroFOX Platform identifies and remediates targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, executive and location threats, and more. The patented ZeroFOX Platform technology processes and protects millions of posts, messages, and accounts daily across the social and digital landscape, spanning LinkedIn, Facebook, Slack, Instagram, Pastebin, YouTube, mobile app stores, domains, cloud-based email, and more. 

SBIPS is a Government-wide fixed price method of supply for professional services that provides a complete operational solution to a requirement. SBIPS can also cover consulting services that are typically team based and deliverable focused including advisory work. It can be applied to end-to-end project work, or to the supply of a solution to a business problem.

Under SBIPS Tier 1, Raven IT Services in joint venture with Cyberun ITSS, is eligible for requirements up to $3.75M in value. Raven IT Services has access to the following categories under SBIPS SA# EN53705IT01/045/EI, in both the regular stream and Aboriginal Set Aside (ASA) stream:

  • Security Management services
  • Systems Integration

ProServices replaces the Professional Services (PS) Online System and its 66 categories by 150 categories from Task and Solutions Professional Services [task based] (TSPS) and Task Based Informatics Professional Services (TBIPS). ProServices is a professional services mandatory method of supply for requirements below the North American Free Trade Agreement (NAFTA) threshold. The ProServices streams and categories are the same streams and categories as what is offered in the Task Based Informatics Professional Services (TBIPS) and the Task and Solutions Professional Services (TSPS – task portion only) methods of supply. For requirements not exceeding $100,000.00.

Raven IT Services has access to Stream 1 – (A) Application Services for the following select roles:

  • Application/Software Architect
  • ERP Functional Analyst
  • ERP Programmer Analyst
  • ERP System Analyst
  • ERP Technical Analyst
  • Programmer/Software Developer
  • Programmer/Analyst
  • System Analyst
  • System Auditor
  • Test Coordinator
  • Tester
  • WEB Designer
  • WEB Developer
  • WEB Graphics Designer
  • Webmaster

Raven IT Services has access to Stream 3 – (I) Information Management IT Services for the following select roles:

  • Data Conversion Specialist
  • Database Administrator
  • Database Analyst
  • Database Modeller / IM Modeller
  • IM Architect
  • Network Analyst
  • System Administrator
  • Technical Architect
  • Technology Architect

Raven IT Services has access to Stream 4 (B) Business Services.  Stream 4 encompasses the following roles:

  • Business Analyst
  • Business Architect
  • Business Consultant
  • Business Continuity/Disaster Recovery Specialist
  • Business Process re-engineering (BPR) Consultant
  • Business System Analyst
  • Business Transformation Architect
  • Courseware Developer
  • Help Desk Specialist
  • Instructor, IT
  • Network Support Specialist
  • Operations Support Specialist
  • Technical Writer

Raven IT Services has access to Stream 5 – (P) Project Management Services for the following select roles:

  • Change Management Consultant
  • Enterprise Architect
  • HR Consultant
  • Project Executive
  • Project Administrator
  • Project Coordinator
  • Project Leader
  • Project Manager
  • Project Scheduler
  • Quality Assurance Specialist/Analyst
  • Risk Management Specialist
  • Independent IT Project Review Team Leader
  • Independent IT Project Reviewer

Raven IT Services is an authorized supplier for ProServices in Stream 6 – (C) Cyber Protection Services for the following select roles: 

  • Strategic IT Security Planning and Protection Consultant
  • IT Security Methodology, Policy and Procedures Analyst
  • IT Security TRA and C&A Analyst
  • IT Security Product Evaluation Specialist
  • Public Key Infrastructure (PKI) Specialist
  • IT Security Engineer
  • IT Security Design Specialist
  • Network Security Analyst
  • IT Security Systems Operator
  • IT Security Installation Specialist
  • IT Security Vulnerability Analysis (VA) Specialist
  • Incident Management Specialist
  • Physical IT Security Specialist
  • IT Security Research and Development (R&D) Specialist
  • Computer Forensics Specialist
  • Privacy Impact Assessment (PIA) Specialist
  • Emanations Security (EMSEC) Security Specialist

Raven IT Services has access to both the regular stream and Aboriginal Set Aside stream.

Task-Based Informatics Professional Services (TBIPS)

TBIPS is a major GC procurement vehicle that is completely dedicated to IT categories. It was introduced to consolidate and replace the variety of generalist procurement vehicles that were formerly used for IT services. TBIPS does not have a dollar maximum and contracts can be structured with a provision for option years, thereby facilitating contract extensions when required.

Raven IT Services is qualified in Stream 1 (A) Application Services.  Stream 1 encompasses the following roles:

  • Application/Software Architect
  • ERP Functional Analyst
  • ERP Programmer Analyst
  • ERP System Analyst
  • ERP Technical Analyst
  • Programmer/Software Developer
  • Programmer/Analyst
  • System Analyst
  • System Auditor
  • Test Coordinator
  • Tester
  • WEB Designer
  • WEB Developer
  • WEB Graphics Designer
  • Webmaster

Raven IT Services is qualified in Stream 3 (I) IM/IT Services.  Stream 3 encompasses the following roles:

  • Data Conversion Specialist
  • Database Administrator
  • Database Analyst
  • Database Modeller/IM Modeller
  • IM Architect
  • Network Analyst
  • System Administrator
  • Technical Architect
  • Technology Architect

Raven IT Services is qualified in Stream 4 (B) Business Services.  Stream 4 encompasses the following roles:

  • Business Analyst
  • Business Architect
  • Business Consultant
  • Business Continuity/Disaster Recovery Specialist
  • Business Process re-engineering (BPR) Consultant
  • Business System Analyst
  • Business Transformation Architect
  • Courseware Developer
  • Help Desk Specialist
  • Instructor, IT
  • Network Support Specialist
  • Operations Support Specialist
  • Technical Writer

Raven IT Services is qualified in Stream 5 (P) Project Management Services.  Stream 5 encompasses the following roles:

  • Change Management Consultant
  • Enterprise Architect
  • HR Consultant
  • Project Executive
  • Project Administrator
  • Project Coordinator
  • Project Leader
  • Project Manager
  • Project Scheduler
  • Quality Assurance Specialist/Analyst
  • Risk Management Specialist
  • Independent IT Project Review Team Leader
  • Independent IT Project Reviewer

Raven IT Services is qualified in Stream 6 (C) Cyber Protection Services.  Stream 6 encompasses the following roles:

  • Strategic IT Security Planning and Protection Consultant
  • IT Security Methodology, Policy and Procedures Analyst
  • IT Security TRA and C&A Analyst
  • IT Security Product Evaluation Specialist
  • PKI Specialist
  • IT Security Engineer
  • IT Security Design Specialist
  • Network Security Analyst
  • IT Security Systems Operator
  • IT Security Installation Specialist
  • IT Security VA Specialist
  • Incident Management Specialist
  • Physical IT Security Specialist
  • IT Security R&D Specialist
  • Computer Forensics Specialist
  • PIA Specialist
  • EMSEC Security Specialist

Raven IT is qualified in both the regular stream and Aboriginal Set Aside stream.

IT Security Products and Services VOR

Raven IT Services, through association with its partners, has access to this procurement vehicle in the following categories:

NETWORK SOLUTIONS SUPPLY CHAIN (NSSC) NATIONAL MASTER CONTRACTING VEHICLE

Shared Services Canada (SSC) has established a new procurement vehicle for network and security products and solutions designed to support the Federal Government Departments and Agencies. The NSSC vehicle will be used to consolidate and modernize Canada’s:

  • Local Area Network,
  • IT Security Services
  • WAN Connectivity and
  • Data Centre Network infrastructure
  • Power Management

Shared Services Canada clients will be able to obtain:

  • Maintenance and support Services for both new products as well as legacy security and network hardware
  • Remote monitoring and managed services

Through the NSSC, Shared Services Canada continues to fulfill its objective to reduce costs, increase security, and enhance program delivery to Canadian citizens and businesses. Click here for additional information.

Raven IT Services, through association with its partners, has access to this procurement vehicle.

Cyber Security Procurement Vehicle (CSPV)

Raven IT Services, through association with its partners, has access to the Cyber Security Procurement Vehicle (CSPV) ‘s Secure Supplier Ecosystem (SSE). This strategic sourcing methodology will enable Procurement and Vendor Relations (PVR) to rapidly procure technology, integration services, and solutions from a pre-qualified supplier ecosystem in order to effectively serve the Networks, Security and Digital Services (NSDS) branch in the execution of their mandate: create an all-inclusive, fully integrated, Government of Canada enterprise security infrastructure that will provide protection, visibility and threat response to cyberattacks.

With this procurement vehicle and SSE in place, Shared Services Canada will have met its overall goal to establish a collaborative environment between government and industry to provide the ability to quickly respond to emerging cyber threats, facilitate open dialogue on Canada’s requirements in order to improve interoperability and integration of technologies, increase access and agility, and streamline the procurement of cyber security requirements.

Government of Canada Cloud Services Framework Agreement

Federal departments now have greater access to ServiceNow’s best-in-class digital experiences. 

Raven IT Services, through association with its partners, has access to this Framework Agreement which is available to Shared Services Canada and its client and partner departments. It is part of ServiceNow’s commitment to helping the public sector modernize, drive efficiency and deliver better experiences for employees and citizens. ServiceNow can deliver on this commitment with its ability to deploy services and solutions overnight, provide government clients the ability to quickly and securely respond to issues, or supply citizen- and business-centric services. For additional information, go here.

Scroll to Top