Elastic partners with CISA

On December 16, Elastic announced that it is partnering with the Cybersecurity and Infrastructure Security Agency (CISA) to develop a unified Security Information and Event Management as-a-Service (SIEMaaS) offering, using Elastic Security on Elastic Cloud. The new SIEMaaS will help to strengthen the security posture of U.S. federal civilian agencies by standardizing security data collection across agencies, enabling real-time threat detection and rapid incident response.

The commitment with CISA is part of a $26 million base-year contract through ECS, a provider of advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, and an ASGN Incorporated (NYSE: ASGN) brand. This contract has the opportunity to renew under the same terms for up to four additional years, for a total anticipated agreement value of up to $130M.

Building on their long-standing partnership with CISA and Elastic’s leadership in next-gen SIEM, Elastic and ECS will help design, host, and operate a new SIEMaaS on the FedRAMP-certified Elastic Cloud. The program will standardize cybersecurity monitoring across Federal Civilian Executive Branch Agencies (FCEBs) to enhance security with greater speed, scale, and operational consistency, while leveraging Elastic’s standards-based platform to significantly reduce costs associated with data access and retention.

The first tenant to adopt the SIEMaaS platform is a large FCEB agency. This first implementation will serve as the operational blueprint for broader rollout across additional federal entities, to accelerate time-to-protection and create a repeatable, cost-efficient model for shared cyber defense.

With cyber adversaries accelerating their use of supply chain attacks, identity-based intrusions, and zero-day exploits, agencies face mounting pressure to detect, investigate, and respond to threats in real time. Even with the advances spurred by Executive Orders 14028 and M-21-31, which have significantly advanced Zero Trust adoption and enhanced logging practices, gaps persist in achieving whole-of-government cyber visibility.

This SIEMaaS initiative directly addresses those gaps by delivering a shared, unified, cloud-hosted platform for large-scale data ingestion, threat analytics, and incident response, all powered by the Elasticsearch Platform—an open, extensible platform that manages both structured and unstructured data. The program will help break down legacy silos and enable CISA analysts and FCEB agencies to collaborate on accessible, unified cyber defense.

“Federal agencies remain a top target for cyber adversaries, and the current pace and complexity of attacks demand a new operational model,” said Ash Kulkarni, CEO of Elastic. “By consolidating cybersecurity telemetry into a shared, cloud-based SIEM service built on Elastic’s platform, CISA is setting a new standard for speed, scale, and collective defense across civilian agencies.”

Source: Elastic
