X
X

SW-30437 - USA (Virginia) - RFI for Vulnerability Disclosure Platform - Deadline January 15,2020

Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID: SW-30437

Government Authority located in Virginia; USA based organization looking for expert vendor for CISA vulnerability disclosure platform.

[A] Budget: Looking for proposal

[B] Scope of Service:

Vendor needs to provide market research focused on identifying potential vendors as well as to gain technical feedback from industry on the government’s centralized vulnerability disclosure platform requirement.
- The platform provides a primary point of entry for vulnerability reporters to alert the government of potential issues on federal information systems for those agencies that participate in platform.
- The service provider screens obviously errant reports (“noise filtering”) and performs a base level of validation of the submitted report.
- The platform provides a clear way to track reported vulnerabilities and link reports that are related by reporter, vulnerability type, or other purpose.
- The platform provides a web-based communication mechanism between the reporter and the agency.
- The platform allows agency users to create and manage role-based accounts for their organization or sub organizations.
- The platform offers an application programming interface to take various actions on vulnerability reports or pull metrics.
- The platform provides metrics around reports, offering agencies and agency insight into the reporting process.
- The platform provides alerts to the reporter and agency users on updates, as well as to agency based on events of interest, metrics approaching or hitting defined thresholds, etc.
- Responsible for hosting and managing the platform, including administrative responsibilities, agency-user management, technical support, and maintaining the security of the platform in alignment with federal and department of homeland security requirements that authorize the system to operate.
- Provides screening and initial triage of submissions, validating it appears to be a real weakness displayed in the system.
- Provides users (vulnerability reporters, agencies) direct access to the platform feature set.
- Allows reporters to submit vulnerabilities, track submissions and their status, and maintain communication.
- Allows agencies to manage submissions and view summary statistics.
- Allows agency to adjudicate submissions where the agency is unknown (or has been unresponsive), view statistical data and trends, run reports, export data, and view agency submissions.  

[C] Eligibility:

Onshore (USA Only)

[D] Work Performance:

Performance of the work will be Offsite. Vendor needs to carry work in their office premises.

Expiry Date : Wednesday, 15 January, 2020

Category : Software, System and Application

Country : USA

State : Virginia

RFP Expired

You can either pay for Single RFP/Bid document or Subscribe with Monthly Subscription for whole Software, System and Application Category/Categories.

If you will obtain monthly subscription for Software, System and Applicationcategory/categories, you will be able to access all the RFPs from that Category. Here are the Monthly Subscription offers. So, subscribe for Monthly offers and get rid of Individual RFP payment.

*No commitment =
(1) There is no minimum commitment.
(2) You can subscribe for as less as 1 month and cancel it any time. If you subscribe for annual offer, you can cancel it any time within year.
(3) There is no partial refund policy after Monthly or Annual subscription. You will be required to use services for a Month (Or Year since you have availed discounted pricing).
(4) You can cancel your subscription any-time directly from your PayPal account to stop further recurring charges before next due date.
(5) You will be able to download all RFPs for subscribed Category or Location without any extra cost.

Similar RFPs