Computer Audit Services - It Systems Security Check. Quantity Of Public Procurement: The Contracting Party Is Responsible For The Contracting Authority And The Designated Information Systems Of The Contracting Authority On The Basis Of The Unique Order Issued By The Contracting Authority As A Successful Tenderer During The Performance Of The Framework Contract Under This Procurement Procedure. Safety Control Of Its Applications (Information Security Test On Critical Systems), Which Includes Automated And Manual Vulnerability Tests, Penetration Test, And Source Code And Configuration Analysis, As Well As Unique Security Checks That Are Specific When The Task Is Arose. The Detailed Task Definition Is Contained In The Technical Description. Each Test Type (Test Catalog) May Be The Following, Planning To Draw, The Quantities Indicated Are Expected. [A] Infrastructure Test • The Contracting Party As A Winning Tenderer During The Investigation Shall Explain Technical Vulnerabilities Using Tenable Nessus Professional Software For Which Mavir Is Provided By The License. The Study Is An General Study That Extends To The Operating System And Its Configuration Elements. • Task To Configure The Nessus, Run The Test On -Site, And Evaluate And Document The Results. • The Tests Include Manual Control Of The Results Obtained, Where This Is Required To Clarify The Results. Quantitative Unit: Number Of Hosts To Be Examined. Expected Draws Under The Framework Contract: 200 Host Examination. [B] Web Application Pentest • Web Applications Are Tested Remotely For Publicly Available Mavir Web Applications (For This, The Contractor As A Winner Must Specify What Public Ip Addresses Will Be Tested), And Non-Public Web Applications Can Be Tested Primarily By Vpn. • Examination Of The Database And Other Components Running Applications Can Be Done On A Case-By-Case Basis By Vpn Access Or On Site. • The Type Of Software Used For Web Applications Is Not Intended To Be Concluded By The Contracting Authority. The Offer Should Include The Type And Version Of The Software You Want To Use. If The Use Of The Software For Business Purposes Is Not Free, As A Successful Tenderer, A Contractor Must Have The Software License Or Right To Use The Software To Be Used. • Part Of The Investigation Is To Evaluate And Document The Results Obtained Together With The Evidence Of Each Vulnerability. The Test Includes Manual Control Of The Results Obtained, Where This Is Required To Clarify The Results. Quantitative Unit: Number Of Web Applications To Be Examined. Expected Draws Under The Framework Contract: 35 Investigation Of Web Application. [C] Thick Client Application Pentest • The Contracting Authority Does Not Make Any Restrictions On The Thick Clients Offline. • Servers Of The Thick Client And Contracting Authority
We takes all possible care for accurate & authentic tender information, however Users are requested to refer Original source of Tender Notice / Tender Document published by Tender Issuing Agency before taking any call regarding this tender.
