Vulnerability Management and Penetration Testing Services
Overview
Fit Score
Settle Intelligence
Settle helps teams find, evaluate, and respond to public RFPs. We continuously surface new opportunities, score them against your company strengths, and draft proposal responses so you can focus on the work that wins business.
SUMMARY
KEY REQUIREMENTS
BUDGET
EstimateCONTRACT DURATION
TIMELINE
RFQ Posted: March 16th, 2026
Bidder Questions Due: March 25th, 2026
Commonwealth Responses posted to COMMBUYS (estimated date): March 30th, 2026
RFQ Response Due: April 6th, 2026
Notice of Apparent Successful Bidder(s) posted (estimated date): April 21st, 2026
QUESTION DEADLINE
Issuing Agency
Executive Office of Technology Services And Security
Organization overview and procurement intelligence available on paid plans.
DESCRIPTION
The government authority in Boston, Massachusetts seeks a vendor to provide comprehensive vulnerability management program support and penetration testing services. Required program support includes governance and strategic oversight, vulnerability management platform engineering, risk prioritization, process automation and integration, and coverage for cloud and modern infrastructures.
Penetration testing services must encompass annual testing with defined methodologies and scope, addressing web applications—including SaaS offerings—API endpoints, internal and external network infrastructure, and cloud-hosted systems. Vendors are also expected to provide thorough reporting, retesting services, as well as the management of intake and program administration.
Source attribution
This Settle analysis is based on the issuing organization’s public RFP listing.