“The Cybersecurity and Infrastructure Security Agency’s first shared-services offering has hit a snag, with HackerOne protesting the award of the vulnerability disclosure policy (VDP) platform contract. HackerOne
filed a bid protest of the General Services Administration’s $13.5 million award to EnDyna, Inc. with the Government Accountability Office on Oct. 9. The goal of the contract is to create a platform that agencies can use to safely collect information about security flaws in their networks.”
“A decision isn’t due until Jan. 19, 2021.”
“We believe the security of our national cyber infrastructure depends significantly on the efforts of security researchers. CISA’s requirements are clear on what they need in a vendor to…” Read the full article here.
Source: CISA’s first shared-services offering is delayed by protest – By Dave Nyczepir, November 2, 2020. FedScoop.