GSA MAS Schedule Services

Contract Information

Points of Contact

Frank Quinones
Program Manager
703-234-7880
francisco.quinones@skyepoint.com

Ray Schmidt
Contract Administrator
703-234-7880
ray.schmidt@skyepoint.com

Contract Details

Contract Number:
GS-35F-0216Y

Prompt Payment Terms:
Negotiated at the Task Order Level

Contract Documents

GSA eLibrary
Schedule/Pricelist

GSA MAS SCHEDULE
Information Technology (IT) Professional Services

PRIME CONTRACTOR
GSA MAS SCHEDULE (GS-35F-0216Y) – SIN 54151S

SkyePoint Decisions’ General Services Administration (GSA) Multiple Award (MAS) Schedule Contract Vehicle (GS-35F-0216Y) provides access to professional services for federal, state, and local government agencies to address customer requirements and provides a flexible, efficient method for directly acquiring SkyePoint Decisions’ services.

Special Item Number (SIN) 54151S (old SIN 132-51) – Information Technology (IT) Professional Services provides access to the following services:

Cloud Service
(All Associated Labor)
Cognitive ComputingConversion and Implementation Support
Database Planning
and Design
Internet of Things
(IOT)
IT Project Management
Migration Services
(of All Kinds)
Network ServicesProgramming
Resources and Facilities ManagementSystems Analysis, Design, and ImplementationOther Services Relevant to
29 CFR 541.400

GSA MAS SCHEDULE
Highly Adaptive Cybersecurity Services (HACS)

PRIME CONTRACTOR
GSA MAS SCHEDULE (GS-35F-0216Y) – SIN 54151HACS

SkyePoint Decisions’ General Services Administration (GSA) Multiple Award (MAS) Schedule Contract Vehicle (GS-35F-0216Y) provides access to the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) is available through the Information Technology Category (ITC) under the Multiple Award Schedule (MAS). HACS provides agencies quicker access to key support services from technically evaluated vendors that expand agencies’ capacity to test their high-priority IT systems; rapidly address potential vulnerabilities; and stop adversaries before they impact agency networks.

Special Item Number (SIN) 54151HACS (old SIN 132-45) – Highly Adaptive Cybersecurity Services provides access to the following services:

High Value Asset Assessments (HVA) – include Risk and Vulnerability Assessment (RVA) which assesses threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. See the section below on RVA for details on those services. Security Architecture Review (SAR) evaluates a subset of the agency’s HVA security posture to determine whether the agency has properly architected its cybersecurity solutions and ensures that agency leadership fully understands the risks inherent in the implemented cybersecurity solution. The SAR process utilizes in-person interviews, documentation reviews, and leading practice evaluations of the HVA environment and supporting systems. SAR provides a holistic analysis of how an HVA’s individual security components integrate and operate, including how data is protected during operations. Systems Security Engineering (SSE) identifies security vulnerabilities and minimizes or contains risks associated with these vulnerabilities spanning the Systems Development Life Cycle. SSE focuses on but is not limited to the following security areas: perimeter security, network security, endpoint security, application security, physical security, and data security.

Risk and Vulnerability Assessment assesses threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. The services offered in the RVA sub-category include Network Mapping, Vulnerability Scanning, Phishing Assessment, Wireless Assessment, Web Application Assessment, Operating System Security Assessment (OSSA), Database Assessment, and Penetration Testing.

Cyber Hunt activities respond to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunts start with the premise that threat actors known to target some organizations in a specific industry or with specific systems are likely to also target other organizations in the same industry or with the same systems.

Incident Response (IR) – services help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.

Penetration Testing (PT) – is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.