Justification and Approval - Vulnerability Disclosure Policy Platform (VDP) Platform
This opportunity involves providing a secure, commercially available SaaS Vulnerability Disclosure Policy (VDP) platform for the Cybersecurity and Infrastructure Security Agency (CISA) to support Federal Civilian Executive Branch agencies. The contractor must configure, operate, and administer the platform, maintain its Authority to Operate, provide technical support, perform vulnerability triage and tracking, and optionally support bug bounty programs. The platform must enable centralized submission, validation, routing, and reporting of cybersecurity vulnerabilities while ensuring secure collaboration and scalability. The contract modification extends the period of performance to ensure continuity of the enterprise VDP platform and support services. No specific budget amounts or performance location are mentioned.