SamSearch

    Closed Solicitation · DEPT OF DEFENSE

    VULNERABILITY DISCLOSURE PROGRAM ENTERPRISE MANAGEMENT SYSTEM (VDP EMS)

    Issued by DEPT OF THE AIR FORCE · FA7014 AFDW PK
    Sol. FA701425X000XSources SoughtANDREWS AFB, MD
    Closed
    STATUS
    Closed
    closed Jul 18, 2025
    POSTED
    Jul 15, 2025
    Publication date
    NAICS CODE
    541519
    Primary industry classification
    PSC CODE
    7A21
    Product & service classification

    AI Summary

    The Department of Defense Cyber Crime Center is seeking market research for an enterprise management system to enhance its Vulnerability Disclosure Program (VDP) and Defense Industrial Base (DIB) VDP. The system must support collaboration, compliance, and management, featuring workflows for vulnerability submission, integration with existing systems, and advanced analytics. Interested vendors should review the draft Performance Work Statement for detailed requirements and provide feedback. The response deadline has been extended to July 18, 2025.

    Contract details

    Solicitation No.
    FA701425X000X
    Notice Type
    Sources Sought
    Posted Date
    July 15, 2025
    Response Deadline
    July 18, 2025
    NAICS Code
    541519AI guide
    PSC / Class Code
    7A21
    Issuing Office
    FA7014 AFDW PK
    Sub-Agency
    DEPT OF THE AIR FORCE
    Agency
    DEPT OF DEFENSE
    Primary Contact
    Phelicha Silva
    City
    ANDREWS AFB
    State
    MD
    ZIP Code
    20762-6604

    Description

    The Department of Defense Cyber Crime Center (DC3) is conducting market research for an enterprise management system to support its Vulnerability Disclosure Program (VDP) and Defense Industrial Base (DIB) VDP. The system shall facilitate collaboration, compliance, and management of the VDPs. Key requirements include:

    • Enterprise-grade VDP platform license/subscription for two instances (DoD VDP and DIB VDP).
    • Vulnerability submission and management workflows.
    • Integration, via API, with DC3's Atlassian Jira-based Vulnerability Report Management Network (VRMN) systems.
    • Mediation support for researcher inquiries.
    • Tools and processes for effective vulnerability triage and resolution (e.g., CVSS scoring).
    • Advanced analytics and custom reporting capabilities.
    • Dedicated account team with customer support and customer success functions.

    Interested vendors are encouraged to review the attached draft Performance Work Statement (PWS) for detailed requirements and provide feedback on the PWS.

    7/14/2025 - Amended solicitation to extend response due date to 18 Jul 2025.

    Key dates

    1. July 15, 2025Posted Date
    2. July 18, 2025Proposals / Responses Due

    Frequently asked questions

    VULNERABILITY DISCLOSURE PROGRAM ENTERPRISE MANAGEMENT SYSTEM (VDP EMS) is a federal acquisition solicitation issued by DEPT OF DEFENSE. Review the full description, attachments, and submission requirements on SamSearch before the response deadline.

    SamSearch Platform

    Stop searching. Start winning.

    AI-powered intelligence for the right opportunities, the right leads, and the right time.

    Book a Demo