EU solidarity with Ukraine

Call for tenders' details

Please note that Section 6.5 of the Annex 4 - Terms of Reference - has been slightly amended. Therefore, the deadline for receipt of tenders has been extended until 10/07/2020. If possible, please send electronic documents scanned with OCR (optical character recognition) on. Thank you!
Title:
Provision and Management of Necessary Transversal Cloud Security and Integration...
Contracting authority:
European Investment Fund
TED publication date:
25/05/2020
Time limit for receipt of tenders:
10/07/2020
Status:
Closed
Status
02/06/2020
04/06/2020
English (en)
Question details
Section 4.1.7 Vulnerability Scanning and Reporting Management File EN-Annex 4 - Terms of Reference.pdf
Hello, We have some questions regarding the Vulnerability Scanning: 1. What is the current vulnerability scanning toolset? What tools EIF prefer for scanning? 3. Is Vulnerability scanning included client applications like mobile apps? 4. Vulnerability scanning should be fully automation or partially? 5. reporting management dashboard should be intergrated to SOC or independency?
04/06/2020
1.There is no tool to date. 2.EIF is solution agnostic. EIF cannot impose a solution but favours a service provider that will particularly be agile regarding the expected reporting. 3.Client mobile apps are not included in primary scope but may be looked at in mid-long term. 4.It should be automated to the largest possible extend though manual exceptional scans may be requested from time to time. 5.There is nothing that prevents reporting to be part of a larger SOC dashboard that could help to follow vulnerabiities over time but EIF will be interested in exported individual reports to possibly work on the individual data too.