MODIFICATION
70 -- WebInspect
- Notice Date
- 9/19/2007
- Notice Type
- Modification
- NAICS
- 334611
— Software Reproducing
- Contracting Office
- Department of Health and Human Services, Program Support Center, Division of Acquisition Management, Parklawn Building Room 5-101 5600 Fishers Lane, Rockville, MD, 20857, UNITED STATES
- ZIP Code
- 00000
- Solicitation Number
- RFQ07EOIG005508
- Response Due
- 9/20/2007
- Archive Date
- 10/5/2007
- Description
- This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in Subpart 12.6, as supplemented with additional information included in this notice. The NAICS Code is 334611 with a size standard of 500 employees. The Department of Health and Human Services seeks to acquire a WebInspect perpetual user license and user license annual maintenance utilizing simplified acquisition procedures in accordance with FAR 13.100, 12.603, and 12.602. The software will be used by Information Technology Auditors to perform vulnerability assessments of computer web applications and services during the normal review of operations at auditees. The software, WebInspect by SPI Dynamics, can analyze the numerous Web applications and Web services in an auditee?s environment quickly and easily and is maintained and updated daily which is critical due to the ever changing environment of the web. SPI Dynamics vulnerability database is one of the most comprehensive and accurate knowledgebases on the market. WebInspect checks for all of the following vulnerabilities: Command Execution, HTTP Compliance, SQL Injection, WebDAV Compliance, Cross-Site Scripting, SSL Strength, Directory Traversal, Certificate Analysis, Abnormal Input, Content Investigation, Parameter Overflow, Spam Gateway Detection, Buffer Overflow, Client-Side Pricing, Parameter Addition, Sensitive Developer Comments, Path Manipulation, WebServer/Web Package, Path Truncation, Identification, Character Encoding, Absolute Path Detection, MS-DOS 8.3 Short Filename, Error Message Identification, Character Stripping, Permissions Assessment, Site Search, Brute Force Authentication, Application Mapping, Known Attacks, State Management, Crawl, Directory Enumeration, Automatic Form-Filling, Web Server Assessment, SSL Support, Parameter Injection, Proxy Supp. If the OIG attempted to conduct an audit without such a product, they would be unable to properly determine if proper controls were in place during an assessment. The OIG has staff members who are familiar with the product as it is currently utilized for vulnerability assessments of their internal websites and services. By standardiziing on an existing product, the OIG can share technical expertise, troubleshooting, and operational use by all staff. This will also reduct the need for additional training from the vendor. If OIG purchased a non-standard vulnerability web assessment tool, OIG could come under scrutinization by outside peer reviews for not following internal policy of standardization that has been dictated by the current HHS Secretary. SPI Dynamics, Inc. is the exclusive manufacturer and provider. Any and all interested offerors are encouraged to submit a quote. Please request a copy of the RFQ from Clint Druk at clint.druk@psc.gov if you wish to be considered for this requirement. All questions must be submitted in writing via email to Clint Druk at clint.druk@psc.gov by 2:00 PM EASTERN TIME Tuesday, September 19, 2007. All quotes must be submitted via electronic copy and to the addresses and locations cited in attached solicitation by section by 10:00 AM EASTERN TIME, Thursday, September 20, 2007. Quotes shall be in .pdf or Microsoft Word format. NOTE: THIS NOTICE WAS NOT POSTED TO FEDBIZOPPS ON THE DATE INDICATED IN THE NOTICE ITSELF (19-SEP-2007). IT ACTUALLY APPEARED OR REAPPEARED ON THE FEDBIZOPPS SYSTEM ON 22-SEP-2007. PLEASE CONTACT fbo.support@gsa.gov REGARDING THIS ISSUE.
- Record
- SN01415668-W 20070924/070922232451 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |