Vulnerability and Penetration Testing - Network, Web Application; Security Infrastructure Review, D
Centre For Development Of Advanced Computing (c-dac)
SOUTH DELHI, DELHI
Bid Publish Date
10-Jul-2026, 9:35 am
Bid End Date
24-Jul-2026, 10:00 am
Value
₹2,24,200
Location
Progress
Quantity
1
Bid Type
Two Packet Bid
The Indian Army, Department Of Military Affairs, invites bids for Vulnerability and Penetration Testing (VAPT) of Certifying Authority systems, security infrastructure review, data communications and network control review, secure configuration review (devices/OS), and application security audit (OWASP Top 10) with malware analysis. The project carries an estimated value of ₹224,200. Bidders must have a local service presence in the consignee state and demonstrate prior VAPT experience in armed forces CERT-I guidelines. A dedicated service desk is required, along with an escalation matrix and documented evidence of nearest office location. The scope emphasizes certified security assessments, incident readiness, and adherence to CERT-I protocols.
Product/Service: Vulnerability and Penetration Testing (VAPT) along with Security Infrastructure Review and OWASP Top 10 App Security Audit
Estimated value: ₹224,200
Standards/Compliance: CERT-I guidelines referenced; malware analysis; secure configuration review
Delivery/support: Local service presence in consignee state; dedicated service desk and escalation matrix
Documentation: Malicious Code Certificate declaring no embedded malicious code
EMD not specified; bidder must declare financial standing and upload undertaking
Local service office required in consignee state with documentary evidence
Prior VAPT experience at armed forces CERT-I guided engagements required
Mandatory Malicious Code Certificate and IP compliance attestations
Not explicitly stated; payment terms to be negotiated with successful bidder, ensure compliance with local procurement norms
Testing and audit activities to be scheduled post award; no explicit timeline provided in data
No LD clause described; standard govt procurement penalties may apply for non-compliance
Not under liquidation or bankruptcy
Demonstrated VAPT experience in armed forces CERT-I contexts
Local service office in consignee state with documentary evidence
Tender Category
Service
Bid To RA
No
Bid To RA Enabled
Yes
Item Category
Vulnerability and Penetration Testing - VAPT of Certifying Authority; Security Infrastructure Review, Data Communications and Network Control Review, Secure Configuration Review (Devices/OS), Application Security Audit (OWASP Top 10), Malware Analysi..
Delivery Locations
1
Delivery Cities
SOUTH WEST DELHI
| Consignee | Address | City | State | Pincode | Quantity | Delivery Days | Additional Requirement |
|---|---|---|---|---|---|---|---|
| - | SOUTH WEST DELHI | SOUTH WEST DELHI | - | - | Project / Lumpsum Based | - | - |
End-to-end support — bid preparation, GeM registration, document filing & compliance by industry experts.
Free consultation · 24h response
Main Document
OTHER
GEM_GENERAL_TERMS_AND_CONDITIONS
GEM_GENERAL_TERMS_AND_CONDITIONS
Centre For Development Of Advanced Computing (c-dac)
SOUTH DELHI, DELHI
Directorate General Of Quality Assurance ( Dgqa)
HYDERABAD, TELANGANA
Sashastra Seema Bal (ssb)
SHIMLA, HIMACHAL PRADESH
Controller General Of Defence Accounts
Central University Of Haryana
MAHENDRAGARH, HARYANA
Tender Results
Loading results...
Discover companies most likely to bid on this tender
GST registration
PAN card
Experience certificates showing VAPT/SECURITY AUDIT engagements
Financial statements demonstrating financial stability
Malicious Code Certificate (embedded code declaration)
OEM authorizations or certifications (if applicable)
Documentary evidence of local service office in consignee state
Dedicated toll-free/service support details and escalation matrix
Key insights about DELHI tender market
Bidders must meet eligibility: no liquidation, valid GST/PAN, prior VAPT experience including armed forces CERT-I engagements, and a local service office in the consignee state. Prepare Malicious Code Certificate and evidence of dedicated service support; submit with bid as per T&C.
Required documents include GST certificate, PAN, financial statements, experience certificates for VAPT/SECURITY AUDIT, Malicious Code Certificate, service desk details, escalation matrix, and proof of local office in consignee state.
Scope includes VAPT of Certifying Authority systems, security infrastructure review, data communications and network control review, secure OS/device configuration review, and OWASP Top 10 application security audit plus malware analysis.
The estimated value is ₹224,200. Bidders should price services for VAPT, security reviews, and malware analysis under CERT-I framework while meeting state-local service requirements.
Bidders must provide a dedicated toll-free service line and an escalation matrix. An on-ground service provider must have an office in the buyer’s state with documentary evidence submitted with the bid.
Testing must align with CERT-I guidelines for armed forces and include CERT-I compliant security assessments, malware analysis, and secure configuration practices during VAPT and auditing.
The certificate asserts no embedded malicious code in hardware/software and confirms IP rights compliance. Submitting this document is mandatory to avoid breach implications and to qualify for technical evaluation.
Exact dates are not provided; bidders should monitor for bidder communications post bid submission and prepare readiness for post-award scheduling of VAPT activities in alignment with consignee state requirements.
Income Tax Appellate Tribunal (itat) Jaipur
📍 NEW DELHI, DELHI
Prasar Bharati Broadcasting Corporation Of India
📍 CENTRAL DELHI, DELHI
National Highways Logistics Management Limited
📍 WEST DELHI, DELHI
Zila Sahkari Bank Ltd., Bulandshahr
📍 BULANDSHAHR, UTTAR PRADESH
Department of Water Resources
📍 RI BHOI, MEGHALAYA
Sign up now to access all documents
Main Document
OTHER
GEM_GENERAL_TERMS_AND_CONDITIONS
GEM_GENERAL_TERMS_AND_CONDITIONS