Notice of Intent to Solicit and Award a Sole-Source Modification for the Vulnerability Disclosure Policy (VDP) Platform

The U.S. General Services Administration, Federal Acquisition Service, hereby publicises its intention to modify an existing open market contract with Endyna, Inc., located at 1345 Lancia Drive, McLean VA, 22102. The anticipated modification will provide the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and partnering Federal Cybersecurity Executive Branch (FCEB) agencies continued access to a secure platform to facilitate the submission, tracking, and reporting of vulnerabilities discovered in information systems. The contractor, EnDyna, configures, operates, and administers the platform; ensures it maintains an Authority to Operate (ATO); provides triage services to ensure the validity, proper routing, and tracking of vulnerability submissions; and facilities a bug bounty incentive payment program for FCEB agencies to reward valid submissions. EnDyna is the only firm currently able to continue to provide the services and maintain the ATO without a break in these critical services. The anticipated sole-source modification will allow the Government adequate time to competitively procure future VDP program requirements and implement a new procurement strategy.

Be advised that the aforementioned information is anticipatory in nature and is not binding. A determination by the Government not to compete based upon responses to this notice is solely within the discretion of the Government. This notice is not a request for competitive proposals; however, any firm believing that it can fulfill the requirement of providing these services may be considered on the following competitive procurement. Interested parties may identify their interest and capabilities in response to this notice, and must clearly show the firm's ability to be immediately responsive without compromising the quality, accuracy, and reliability of services provided. The Government will consider all responses.