GEM

ICAR Indian Council of Agricultural Research Vulnerability Testing Tender 2025 – OWASP Top 10 Web App Security Audit Delhi

Posted

31 Oct 2025, 05:04 pm

Deadline

21 Nov 2025, 01:00 pm

Value

₹3,60,000

Location

CENTRAL DELHI , DELHI

Progress

Issue31 Oct 2025, 05:04 pm
AwardPending
Explore all 4 tabs to view complete tender details

Quantity

1

Bid Type

Two Packet Bid

Key Highlights

  • Local Delhi service-provider obligation with documentary evidence
  • Up to 25% quantity/duration flexibility at contract issue and post-award
  • DD or FDR acceptable as Performance Security; hard copy delivery within 15 days
  • No explicit EMD amount stated; EMD/Govt payment security terms via GeM ATC
  • OWASP Top 10 vulnerability testing and web application security audit scope
  • IS/IEC-style security testing expectations likely; ensure certifications
  • ATC requires bidder to maintain financial stability and no liquidation
  • Delivery terms and detailed penalties not explicitly disclosed in data

Tender Overview

The Indian Council Of Agricultural Research (ICAR) under the Department Of Agricultural Research And Education (DARE) invites bids for Vulnerability and Penetration Testing of a web application, focusing on OWASP Top 10 and overall application security audit. Estimated value is ₹360,000. Location: CENTRAL DELHI, DELHI - 110002. Scope includes security assessment, risk remediation guidance, and addressing OWASP Top 10 vulnerabilities in the target web application. Bidder must have a local Delhi service presence per ATC requirements, with delivery aligned to ICAR’s procurement cadence. The tender includes a quantity/duration flexibility clause allowing up to 25% adjustment at the time of contract issue and post-award, ensuring adaptability to project scope changes. Unique aspects include security testing aligned with government procurement standards and a mandatory post-audit remediation plan. This opportunity targets vendors with demonstrated web security testing capabilities and compliance awareness within the government sector.

Technical Specifications & Requirements

  • Product/Service: Vulnerability assessment and penetration testing for web application; OWASP Top 10 based security audit; vulnerability addressing.
  • Estimated value: ₹360,000.
  • Location/Service area: CENTRAL DELHI, DELHI; office of service provider required in consignee state.
  • Delivery/Timing: Not specified; flexibility clause allows up to 25% adjustment to quantity or duration.
  • Documentation/Compliance: Upload certificates and documents as per bid document; EMD/PBG options: DD or FDR acceptable post-award; hard copy delivery within 15 days.
  • Experience/Eligibility: Financial standing not under liquidation; evidence of ability to perform security testing; local presence in Delhi per ATC.
  • Standards/Certifications: Not explicitly listed in data; expect IS/IEC alignment typical for government security audits.
  • Penalties/Remedies: Not specified beyond general procurement terms; ensure compliance with GeM and ATC.

Terms, Conditions & Eligibility

  • EMD/Performance Security: Post-award, bidder may submit Performance Security via Account Payee Demand Draft (DD) or Fixed Deposit Receipt (FDR); must be payable to the director icar iasri, New Delhi; delivery of hard copy within 15 days.
  • PBG/DD/FDR options: DD or FDR accepted; scanned copy upload allowed in place of PBG.
  • Office requirement: Service provider must maintain an office in the state of consignee (Delhi) with documentary evidence.
  • Financial standing: Bidder should not be under liquidation or bankrupt; must upload an undertaking.
  • Certificate/document submission: All certificates/documents sought in Bid document and ATC must be uploaded; non-submission risks rejection.

Key Specifications

    • Product/Service: Web application vulnerability assessment and penetration testing with OWASP Top 10 focus
    • Estimated value: ₹360,000
    • Location: CENTRAL DELHI, DELHI; service provider office required in consignee state
    • Delivery flexibility: up to 25% adjustment in quantity or duration
    • Security deposits: DD or FDR acceptance; hard copy due within 15 days of award
    • Documentation: mandatory certificates/documents per ATC and bid document

Terms & Conditions

  • Up to 25% change in contract quantity or duration

  • Delhi-based service provider required with documentary evidence

  • DD or FDR acceptable as performance security; 15-day hard copy delivery

Important Clauses

Payment Terms

Performance security can be submitted via Demand Draft or Fixed Deposit Receipt; DD/FDR payable to director icar iasri, New Delhi; scanned copy upload allowed; hard copy due within 15 days of award

Delivery Schedule

No explicit delivery deadline provided; contract quantity/duration may be adjusted up to 25% at issue and post-award

Penalties/Liquidated Damages

Not explicitly disclosed in data; standard GeM ATC compliance and government procurement penalties applicable

Bidder Eligibility

  • Not under liquidation or bankruptcy; provide undertaking

  • Delhi presence with documentary evidence of service office

  • Demonstrated capability in web vulnerability testing and OWASP Top 10 audits

AI-Powered Bidder Prediction

Companies most likely to bid

Unlock Bidder Insights

AI predictions on likely bidders

Required Documents

1

GST certificate

2

PAN card

3

Experience certificates for web security testing

4

Financial statements to demonstrate stability

5

EMD submission documentation or indication of security deposit method

6

Technical bid documents and method statement

7

OEM authorizations or vendor certifications, if applicable

8

Office presence proof in Delhi (consignee state)

Frequently Asked Questions

How to bid for the vulnerability testing tender in Delhi ICAR 2025?

Bidders must submit certificates and documents per ATC, provide evidence of Delhi presence, and submit the EMD or security deposit. The estimated value is ₹360,000; ensure OWASP Top 10 audit scope is clearly described in the technical bid, with remediation plan.

What documents are required for ICAR web security bid in Delhi?

Required documents include GST certificate, PAN card, experience certificates for security testing, financial statements, EMD/SD submission proof, technical bid and remediation methodology, and proof of Delhi-based office as per ATC.

What are the key technical requirements for OWASP Top 10 audit?

Contract expects a vulnerability assessment and penetration testing of a web application focusing on OWASP Top 10, with remediation guidance, risk ranking, evidence of testing, and a final security posture report aligned to government procurement standards.

When is the delivery window and payment terms for ICAR Delhi tender?

There is no fixed delivery date; contract quantity may be adjusted by up to 25%. Payment terms follow GeM terms; security deposit via DD or FDR; hard copy delivery within 15 days of award.

What are the EMD/Performance Security options for this bid?

Successful bidders may submit performance security through Account Payee DD payable to director icar iasri or an FDR. For convenience, scanned copies are uploaded, with the original document delivered to ICAR within 15 days.

What is the eligibility criteria for the Delhi service provider?

Applicants must have a Delhi-based office with documentary evidence, demonstrate non-liquidation status, and provide prior web security testing experience, including OWASP Top 10 audits, to meet the eligibility criteria.

Similar Tenders

Cyber Security Audit - Infrastructure Audit, Security and Compliance Audit

Central Armed Police Forces

LATEHAR, JHARKHAND

Est: ₹50,000
View Details

Cyber Security Audit - Infrastructure Audit, Security and Compliance Audit

Department of Economic Affairs

HOSHANGABAD, MADHYA PRADESH

Est: ₹6.0 L
View Details