Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF OCTOBER 20, 2019 FBO #6538
SOURCES SOUGHT

D -- Software Dependency Scanning Solution

Notice Date
10/18/2019
 
Notice Type
Sources Sought
 
NAICS
423430 — Computer and Computer Peripheral Equipment and Software Merchant Wholesalers
 
Contracting Office
United States Senate, Office of the Sergeant at Arms, Finance Division, United States Senate, Washington, District of Columbia, 20510-7207, United States
 
ZIP Code
20510-7207
 
Solicitation Number
2020-S-00002
 
Archive Date
12/1/2019
 
Point of Contact
Holly McDonald,
 
E-Mail Address
holly_mcdonald@saa.senate.gov
(holly_mcdonald@saa.senate.gov)
 
Small Business Set-Aside
N/A
 
Description
DESCRIPTION: MARKET SURVEY AND BIDDERS LIST DEVELOPMENT - SOURCES SOUGHT REQUEST FOR SOFTWARE DEPENDENCY SCANNING SOLUTION. The U.S. Senate, Office of the Sergeant at Arms (SAA) is seeking information from the vendor community on a Software Dependency Scanning Solution to integrate with bimodal software development methodologies minimizing security vulnerabilities and increasing the speed of software release to the consumer. Response to this SSN will assist the SAA in the review of current solutions in the marketplace for a dependency scanning solution. The SAA requests responses that detail solutions that: 1) meet or exceed the requirements set forth herein and 2) provide a full description of services offered, methods of implementation, and scope of the solution. THIS IS A SOURCES SOUGHT NOTIFICATION ONLY. This SSN is solely for information and planning purposes and does not constitute a Request for Proposal (RFP) or a promise to issue an RFP in the future. This SSN does not commit the SAA to contract for any supply or service whatsoever. Further, neither the Senate nor SAA seek proposals at this time; will not accept unsolicited proposals; will not pay for any information or administrative costs incurred in response to this SSN. All costs associated with responding to this SSN will be solely at the interested party's expense. All requirements listed below are mandatory unless otherwise noted. All questions require a response. This synopsis contains the currently available information and is subject to change at any time. REQUIREMENTS: The key functional requirements under consideration for a Software Dependency Scanning Solution must include, but are not limited to, the following: •Ability to scan applications and their dependent libraries written using: oPython/Django oJava oVisual Basic/C#/ASP/.Net oJavaScript/Angular/jQuery/NodeJS oPHP •Ability to identify and provide mitigation tasks for known vulnerabilities; •Ability to automatically update itself with common vulnerability exposure data feeds or national vulnerability database feeds; •Ability to provide analytics through dashboards and generate reports; •Ability to assign User security through role-based controls; •Ability to integrate in a Tool Chain pipeline if needed. •Software only solutions are preferred; and, •Optional: Ability to integrate with a larger set of security tools that have SAST, DAST and Fuzzy testing capability. RESPONSES: Responses to this SSN shall include a brief response of technical summary to each of the mandatory requirements listed above. Software Dependency Scanning Solution responses must be in accordance with the following: •Respondents must be the OEM provider/vendor. Responses submitted by resellers or third-party integrators will not be evaluated by the SAA. •Vendor responses must be based on the existing product's or solution's current, out-of-the-box, configurable capabilities. The SAA will not evaluate or consider custom or uniquely customized products or solutions. •The SAA will not evaluate or consider planned or future product enhancements when reviewing responses. •Offerors of solutions selected to move to the second round of product evaluation by the SAA must be prepared to discuss in detail and demonstrate stated-capabilities relative to some or all listed requirements. Offerors will also need to participate in a 90-day software evaluation hosted in the SAA VMWare Infrastructure, RedHat Virtual infrastructure or OpenShift container platform with minimal vendor support. In addition, submissions must include: • Business information to include the following: > A cover letter to include name of organization, street address, city, state, and zip code, point of contact (POC), telephone number, fax number, and email address. The information contained in this notice will be the only information provided by the SAA during the Sources Sought process. All qualified sources should respond to this notice by submitting an information package in accordance with the instructions provided. Contractors responding to this notice and deemed qualified after participating in the 90-day software evaluation hosted by the SAA may be requested to submit a proposal in response to a solicitation. INSTRUCTIONS: Responses to this Sources Sought Notice are due to the POC no later than 12:00 Noon on November 18, 2019 and shall be submitted electronically via email only to the attention of Holly A. McDonald at holly_mcdonald@saa.senate.gov. The subject line of the email message shall be: SSN 2020-S-0002 entitled "Software Dependency Scanning Solution". No other method of transmittal will be accepted. The response shall not exceed twenty-five (25) pages. Unnecessarily elaborate submissions are discouraged. Pages over the page limitation may be discarded. Access by the SAA to information in any files attached to the response is the responsibility of the submitting party. Neither the SAA nor the Senate is responsible for any failure to access vendor's information. THIS IS NOT A REQUEST FOR PROPOSAL. THIS NOTICE CONSTITUTES THE ENTIRE SOURCES SOUGHT NOTICE AND IS THE ONLY INFORMATION PROVIDED BY THE SAA OR SENATE. ANY REQUESTS FOR ADDITIONAL INFORMATION WILL NOT BE HONORED.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/Senate/SAA/SAAFD/2020-S-00002/listing.html)
 
Place of Performance
Address: United States Senate, Office Of The Sergeant At Arms, Washington, District of Columbia, 20510, United States
Zip Code: 20510
 
Record
SN05477701-W 20191020/191018230440-40a49407b1b8510070860cda3e7d47e5 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.