Notice ID: 24-68-A-PMO-OITA
The IRS is seeking information on AI- and/or ML-based application security testing tools’ functionalities and capabilities, including these and more:
- Provide just-in-time identification of vulnerabilities and easy-to-understand remediation assistance to developers during coding and unit testing.
- Recommend secure coding practices and strategies for mitigating identified vulnerabilities.
- Produce real-time, actionable, and trusted findings.
- Automate and perform rapid testing.
- Identify potential security threats and automate security policy enforcement.
- Automate risk analysis and threat modeling.
- Support Continuous Authorization to Operate (cATO) process.
- Scalable and easy to integrate, deploy, and maintain.
Description of Contemplated Services
The IRS performs application security testing of mission-critical IRS applications. This RFI is being issued with a goal of enabling cATO process by identifying AI- and/or ML-based application security testing capabilities that are available now or have a defined General Availability (GA) date within the next year. These capabilities must improve upon legacy application security testing tools, such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Significant AI or ML improvement on Interactive Application Security Testing (IAST) and/or Software Composition Analysis (SCA) tools also is desired.
Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.