AI-Powered External Attack Surface and Cyber Threat Intelligence Services

RFP Issue Date: March 27th, 2026

Deadline for Questions: April 3rd, 2026

Closing Date and Time: April 15th, 2026, at 2:00 p.m. Local Time

The University in Baltimore, Maryland is seeking a vendor to provide AI-powered external attack surface and cyber threat intelligence services. This solution must deliver comprehensive visibility into the University's entire digital footprint by automatically mapping and monitoring all internet-facing assets, including IPs, domains, SSL certificates, and cloud instances, to identify and eliminate unauthorized IT systems ('Shadow IT').

The provider will be responsible for monitoring the Deep and Dark Web to identify leaked credentials and sensitive data, as well as mentions of the University on cybercriminal forums and marketplaces. Brand and executive protection measures are required to detect fraudulent websites, social media impersonations, and malicious mobile apps targeting University staff and students, and to facilitate rapid takedown of such threats.

Operational intelligence must include actionable Indicators of Compromise (IoCs) that integrate seamlessly with existing security infrastructure such as firewalls, SIEM, or XDR platforms. The service should feature real-time risk assessment and inventory of digital assets, 24/7 monitoring for lookalike domains and brand abuse, and the application of generative AI to help summarize sophisticated threat actor tactics and provide prioritized remediation guidance tailored to the University's technology environment. The contract is for a period of three years.