TenderDekho Logo
GEM

Indian Army VAPT & Security Audit Tender 2026 - CERT-I Based Assessment, Security Infrastructure Review, OWASP Top 10 - 224200 2026

Bid Publish Date

10-Jul-2026, 9:35 am

Bid End Date

24-Jul-2026, 10:00 am

Value

₹2,24,200

Progress

Issue10-Jul-2026, 9:35 am
AwardPending
Explore all 6 tabs to view complete tender details

Quantity

1

Bid Type

Two Packet Bid

Categories 4

Tender Overview

The Indian Army, Department Of Military Affairs, invites bids for Vulnerability and Penetration Testing (VAPT) of Certifying Authority systems, security infrastructure review, data communications and network control review, secure configuration review (devices/OS), and application security audit (OWASP Top 10) with malware analysis. The project carries an estimated value of ₹224,200. Bidders must have a local service presence in the consignee state and demonstrate prior VAPT experience in armed forces CERT-I guidelines. A dedicated service desk is required, along with an escalation matrix and documented evidence of nearest office location. The scope emphasizes certified security assessments, incident readiness, and adherence to CERT-I protocols.

Technical Specifications & Requirements

  • Organization: Indian Army (Department Of Military Affairs). Product category focuses on VAPT and security assessments incl. Certifying Authority reviews, network and application security, malware analysis.
  • Experience requirements: At least one VAPT engagement conducted for armed forces CERT-I guidelines; local office in consignee state; service support availability via toll-free/dedicated lines.
  • Documentation & certificates: Submission of Malicious Code Certificate asserting no embedded malicious code; explicit attestations on software/hardware integrity and IP rights compliance.
  • Delivery & support: Dedicated support line, escalation matrix, and evidence of an on-ground service provider within the buyer’s state; adherence to security and privacy norms during testing.
  • Value & scope: Estimated contract value ₹224,200; no BOQ items listed; emphasis on compliance with CERT-I standards and secure configuration reviews.

Terms, Conditions & Eligibility

  • EMD/financial standing: Bidder must not be under liquidation or bankrupt; must upload an undertaking.
  • Malicious code certificate: Required certificate confirming absence of embedded malicious code and IP rights breach avoidance.
  • Service & support: Toll-free dedicated service number and escalation matrix mandatory.
  • Geographic condition: Service provider must be located in the buyer’s state; documentary evidence required.
  • Compliance: Prior VAPT at armed forces certification authority per CERT-I guidelines; adherence to security protocols during testing.

Key Specifications

  • Product/Service: Vulnerability and Penetration Testing (VAPT) along with Security Infrastructure Review and OWASP Top 10 App Security Audit

  • Estimated value: ₹224,200

  • Standards/Compliance: CERT-I guidelines referenced; malware analysis; secure configuration review

  • Delivery/support: Local service presence in consignee state; dedicated service desk and escalation matrix

  • Documentation: Malicious Code Certificate declaring no embedded malicious code

Terms & Conditions

  • EMD not specified; bidder must declare financial standing and upload undertaking

  • Local service office required in consignee state with documentary evidence

  • Prior VAPT experience at armed forces CERT-I guided engagements required

  • Mandatory Malicious Code Certificate and IP compliance attestations

Important Clauses

Payment Terms

Not explicitly stated; payment terms to be negotiated with successful bidder, ensure compliance with local procurement norms

Delivery Schedule

Testing and audit activities to be scheduled post award; no explicit timeline provided in data

Penalties/Liquidated Damages

No LD clause described; standard govt procurement penalties may apply for non-compliance

Bidder Eligibility

  • Not under liquidation or bankruptcy

  • Demonstrated VAPT experience in armed forces CERT-I contexts

  • Local service office in consignee state with documentary evidence

Additional Tender Data

Commercial Details

Tender Category

Service

Bid To RA

No

Bid To RA Enabled

Yes

Item Category

Vulnerability and Penetration Testing - VAPT of Certifying Authority; Security Infrastructure Review, Data Communications and Network Control Review, Secure Configuration Review (Devices/OS), Application Security Audit (OWASP Top 10), Malware Analysi..

Delivery Details

Delivery Locations

1

Delivery Cities

SOUTH WEST DELHI

Delivery Locations

ConsigneeAddressCityStatePincodeQuantityDelivery DaysAdditional Requirement
-SOUTH WEST DELHISOUTH WEST DELHI--Project / Lumpsum Based--

Authority Records

MINISTRY OF DEFENCEMILITARY AFFAIRS DEPARTMENT

BID & GeM Expert Consultancy

End-to-end support — bid preparation, GeM registration, document filing & compliance by industry experts.

Bid Preparation GeM Registration Document Filing

Free consultation · 24h response

Documents 4

GeM-Bidding-9458181.pdf

Main Document

Other Documents

OTHER

GEM General Terms and Conditions Document

GEM_GENERAL_TERMS_AND_CONDITIONS

GEM General Terms and Conditions Document

GEM_GENERAL_TERMS_AND_CONDITIONS

Past Similar Tenders (Historical Results)

5 found

Vulnerability and Penetration Testing - Network, Web Application; Security Infrastructure Review, D

Centre For Development Of Advanced Computing (c-dac)

SOUTH DELHI, DELHI

Posted: 15 January 2026
Closed: 24 January 2026
GEM

Directorate General Of Quality Assurance Vulnerability Testing Tender Hyderabad Telangana 2026 CERT-IN empaneled

Directorate General Of Quality Assurance ( Dgqa)

HYDERABAD, TELANGANA

Posted: 9 January 2026
Closed: 19 January 2026
GEM

Sashastra Seema Bal Vulnerability and Penetration Testing Tender Shimla Himachal Pradesh 2025

Sashastra Seema Bal (ssb)

SHIMLA, HIMACHAL PRADESH

Posted: 16 December 2025
Closed: 26 December 2025
GEM

Controller General Of Defence Accounts Vulnerability Testing Tender 2025 in India - Mobile/Web/IoT Security Audit with CERT-In Empanelment

Controller General Of Defence Accounts

Posted: 6 January 2026
Closed: 17 January 2026
GEM

Central University Of Haryana Vulnerability Testing Tender Web Application Security Audit 2025

Central University Of Haryana

MAHENDRAGARH, HARYANA

Posted: 24 November 2025
Closed: 4 December 2025
GEM

🤖 AI-Powered Bidder Prediction

Discover companies most likely to bid on this tender

Live AI
Historical Data

Required Documents

1

GST registration

2

PAN card

3

Experience certificates showing VAPT/SECURITY AUDIT engagements

4

Financial statements demonstrating financial stability

5

Malicious Code Certificate (embedded code declaration)

6

OEM authorizations or certifications (if applicable)

7

Documentary evidence of local service office in consignee state

8

Dedicated toll-free/service support details and escalation matrix

Frequently Asked Questions

Key insights about DELHI tender market

How to bid for Indian Army VAPT tender in 2026 with CERT-I guidelines

Bidders must meet eligibility: no liquidation, valid GST/PAN, prior VAPT experience including armed forces CERT-I engagements, and a local service office in the consignee state. Prepare Malicious Code Certificate and evidence of dedicated service support; submit with bid as per T&C.

What documents are required for Indian Army VAPT procurement in 2026

Required documents include GST certificate, PAN, financial statements, experience certificates for VAPT/SECURITY AUDIT, Malicious Code Certificate, service desk details, escalation matrix, and proof of local office in consignee state.

What are the technical scope elements in this army security audit tender

Scope includes VAPT of Certifying Authority systems, security infrastructure review, data communications and network control review, secure OS/device configuration review, and OWASP Top 10 application security audit plus malware analysis.

What is the estimated contract value for the army security tender 2026

The estimated value is ₹224,200. Bidders should price services for VAPT, security reviews, and malware analysis under CERT-I framework while meeting state-local service requirements.

What is the required service support arrangement for bidders

Bidders must provide a dedicated toll-free service line and an escalation matrix. An on-ground service provider must have an office in the buyer’s state with documentary evidence submitted with the bid.

What standards or guidelines govern the VAPT tender for the Indian Army

Testing must align with CERT-I guidelines for armed forces and include CERT-I compliant security assessments, malware analysis, and secure configuration practices during VAPT and auditing.

How is Malicious Code Certificate used in the bid submission

The certificate asserts no embedded malicious code in hardware/software and confirms IP rights compliance. Submitting this document is mandatory to avoid breach implications and to qualify for technical evaluation.

When can bidders expect the procurement process to finalize

Exact dates are not provided; bidders should monitor for bidder communications post bid submission and prepare readiness for post-award scheduling of VAPT activities in alignment with consignee state requirements.

Similar Tenders

5 found
Urgent

Vulnerability and Penetration Testing - Web Application; Application Security Audit (OWASP Top 10);

Income Tax Appellate Tribunal (itat) Jaipur

📍 NEW DELHI, DELHI

Est: ₹1.0 L
⏰ Deadline: 3 days left
🛒 Type: Service
View GEM
Urgent

Vulnerability and Penetration Testing - Web Application; Application Security Audit (OWASP Top 10);

Prasar Bharati Broadcasting Corporation Of India

📍 CENTRAL DELHI, DELHI

EMD: ₹19,150
Est: ₹9.6 L
⏰ Deadline: 2 days left
🛒 Type: Service
View GEM
Urgent

Cyber Security Audit - Infrastructure Audit, Security and Compliance Audit

National Highways Logistics Management Limited

📍 WEST DELHI, DELHI

EMD: ₹30,000
Est: ₹18.0 L
⏰ Deadline: 6 days left
🛒 Type: Service
View GEM

Vulnerability and Penetration Testing - Network, Web Application; Security Infrastructure Review; V

Zila Sahkari Bank Ltd., Bulandshahr

📍 BULANDSHAHR, UTTAR PRADESH

EMD: ₹25,000
⏰ Deadline: 2 weeks left
🛒 Type: Service
View GEM
Urgent

Government Tender Published for Engagement of CERT-In Empaneled Information Security Auditor for Comprehensive Cyber Security Audit, VAPT and Security Assessment of IPMS in RI BHOI, MEGHALAYA

Department of Water Resources

📍 RI BHOI, MEGHALAYA

⏰ Deadline: 4 days left
🛒 Type: Service
View EPROCURE