Highly Adaptive Cybersecurity Services (HACS)

GSA has established four (4) new Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on IT Schedule 70, in support of the President’s Cybersecurity National Action Plan (CNAP) and the Cybersecurity Strategy and Implementation Plan (CSIP). The HACS SINs will allow agencies quicker and more reliable access to key, pre-vetted support services that will expand agencies’ capacity to test their high-priority IT systems, rapidly address potential vulnerabilities, and stop adversaries before they impact our networks.

The HACS SINs feature high quality cybersecurity vendors offering federal, state, and local governments the following services:

  • 132-45A Penetration Testing is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.

  • 132-45B Incident Response services help organizations impacted by a Cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.

  • 132-45C Cyber Hunt activities are responses to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunt activities start with the premise that threat actors known to target some organizations in a specific industry, or specific systems, are likely to also target other organizations in the same industry or with the same systems.

  • 132-45D Risk and Vulnerability Assessment conduct assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. This SIN offers the following services: 
    • Network Mapping
    • Vulnerability Scanning
    • Phishing Assessment 
    • Wireless Assessment 
    • Web Application Assessment 
    • Operating System Security Assessment (OSSA) 
    • Database Assessment 
    • Penetration Testing

Back to Top

How to Order

Make purchases through eBuy and GSA Advantage! or issue an RFI or RFQ and allow vendors to respond to your requirements. Federal, state, and local governments can purchase products, services, and solutions through IT Schedule 70. 

Back to Top

State and Local Government Ordering

State and local governments can buy technology via Schedule 70 through the GSA Cooperative Purchasing Program. To find out if your government entity qualifies, or what fees may apply, refer to the Cooperative Purchasing FAQs.

Back to Top

Features and Benefits

The HACS SINs offer:

  • Access to pool of technically evaluated cybersecurity vendors
  • Rapid ordering and deployment of services
  • Reduction in open market ordering and contract duplication
  • Cybersecurity/Acquisition support resources from GSA 

Back to Top

Acquisition Resources

Browse our Acquisition Resources page for resources useful for acquisition help or download our SOW and RFQs below to get started.

  • Experts are available to advise federal agencies on procurements
  • Statement of Work and Request for Quote Templates
  • Quick-start ordering procedure on the Acquisition Gateway
  • Contact the HACS Team at HACS@gsa.gov

Back to Top

Statement of Work and Request for Quote Templates

Back to Top

Last Reviewed 2016-11-08