GSA awards GuidePoint all four Highly Adaptive Cybersecurity Services SINs

The General Services Administration (GSA) has awarded GuidePoint Security all four Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on IT Schedule 70.

According to GSA, Schedule 70 is the largest, most widely used acquisition tool in the federal government. As an indefinite delivery/indefinite quantity (IDIQ) multiple award schedule, it provides direct access to products, services, and solutions from more than 4,700 certified industry partners.

The GSA HACS SINs recognize GuidePoint’s superior information security capabilities in support of the President’s Cybersecurity National Action Plan (CNAP) and the Cybersecurity Strategy and Implementation Plan (CSIP).

GuidePoint underwent a lengthy and rigorous evaluation, which included submission of numerous written documents as well as oral technical interviews.

“This was a comprehensive review of GuidePoint and our services,” Jim Quarantillo, GuidePoint’s Federal Partner, said. “Our team did an outstanding job explaining how our skilled professionals and technical expertise improve the overall information security integrity for our clients. Federal agencies, as well as state and local government agencies who work with us, will have confidence that we have been thoroughly vetted and are a superior option for all of their cybersecurity needs.”

The SINs are for:

  • 132-45A Penetration Testing: Security testing that mimics real-world attacks to identify methods for circumventing security features of an application, system, or network.
  • 132-45B Incident Response: Services to help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore networks to a more secure state.
  • 132-45C Cyber Hunt: Responses to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunt activities start with the premise that threat actors known to target some organizations in a specific industry, or specific systems, are likely to also target other organizations in the same industry or with the same systems.
  • 132-45D Risk and Vulnerability Assessment: Assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise, or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. This SIN offers network mapping, vulnerability scanning, phishing assessment, wireless assessment, web application assessment, Operating System Security Assessments (OSSA), database assessment, and penetration testing.

“The Office of Management and Budget (OMB) will work closely with agencies to encourage them to buy cybersecurity services through IT 70, and OMB will partner with GSA to provide new capabilities and add more vendors as these SINs evolve and grow more robust in their offerings,” said Tony Scott, Federal Chief Information Officer, when the new SINs were announced.

With the SINs, GuidePoint’s subject matter experts will be available to support these agencies for all of their information security needs. Federal and government clients will have:

  • Access to pool of technically evaluated cybersecurity vendors
  • Rapid ordering and deployment of services
  • Reduction in open market ordering and contract duplication
  • Cybersecurity/acquisition support resources from GSA

For more information about HACS SINs, visit

About GuidePoint Security
Headquartered in Herndon, Virginia, GuidePoint Security provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: