Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 20, 2008 FBO #2490
SOLICITATION NOTICE

D -- Website Vulnerability Analysis Tool

Notice Date
9/18/2008
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
541511 — Custom Computer Programming Services
 
Contracting Office
Department of the Navy, Office of Naval Research, ONR, CODE ONR-02, 875 North Randolph St., Suite 1425, Arlington, Virginia, 22203-1995
 
ZIP Code
22203-1995
 
Solicitation Number
N00014-08-Q-0014
 
Archive Date
10/10/2008
 
Point of Contact
Gail Cunningham,, Phone: (703) 696-0814, Vera G Carroll,, Phone: 703-696-2610
 
E-Mail Address
cunning@onr.navy.mil, carrolv@onr.navy.mil
 
Small Business Set-Aside
N/A
 
Description
This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in Federal Acquisition Regulations (FAR) Subpart 12.6, as supplemented with additional information included in this notice. This solicitation constitutes the only solicitation; quotes are being requested and a written solicitation will not be issued. This solicitation is issued as a Request for Quote (RFQ). The solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 2001-09 and DFARS Change Notice 20020730. The associated North American Industry Classification System (NAICS) code is 541519 and small business size standard is $25.0 million. This is a full and open competition. Information security events can result in denial of service on public websites. These intrusions can result in loss of critical data, inaccessibility to critical information, and general loss of confidence in the information integrity display on the web-site. The threat environment is constantly changing and expanding, it is critical information system, networks, and applications be protected from external and internal threats. The Office of Naval Research (ONR) has a requirement to procure a website vulnerability analysis tool (Code Analyzer) which is used to scan code across complex applications and scrub code from multiple development sources to reduce the instances of coding errors allowing vulnerabilities in web services. The proposed solution should identify the widest range of security vulnerabilities, pinpointing the coding flaws and design errors that put data and operations at risk. The website vulnerability analysis tool should (1) provide an extremely fast scan of code in a short period of time; (2) check for tens of thousands of known vulnerabilities instead of focusing on any particular type; (3) provide core code analysis license; (4) provide an unlimited number of developers; (5) provide one Security Analyst licenses for Information Assurance (IA) management; and (6) provide two Portfolio Managers for code management across the Command. The Government intends to competitively award a Firm-Fixed Price contract that represents the best value to the Government in accordance with the evaluation criteria set forth in this solicitation. The contract will contain a one (1) year base period for maintenance and support licenses and a one (1) one-year option period for maintenance support. The Government’s estimate for this effort is $240,000.00 for the twelve (12) base period and $36,000.00 for the twelve (12) month option period, although lower and higher proposals will be considered. If an Offeror does not submit a full quote package they will be not be eligible for an award. As soon as the evaluation process is complete, each Offeror will be notified via e-mail of the Offeror who was selected for an award. The clauses at FAR 52.212-1, Instructions to Offerors-Commercial Items, FAR 52.212-4, Contract Terms and Conditions-Commercial Items and FAR 52.212-5, Contract Terms and Conditions Required To Implement Statutes or Executive Orders--Commercial Items, apply to this acquisition. The additional clauses cited within the last clause cited are applicable: 52.203-6, 52.219-4, 52.219-8, 52.222-3, 52.222-19, 52.222-21, 52.222-26, 52.222-35, 52.222-36, 52.222-37, 52.222-39, 52.225-13, and 52.232-33. The DFARS 252.209-7001, Disclosure of Ownership or Control by the Government of a Terrorist Country; DFARS 252.209-7002, Disclosure of Ownership or Control by a Foreign Government; and DFARS clause at 252.212-7001, Contract Terms and Conditions Required to Implement Statutes or Executive Orders Applicable to Defense Acquisitions of Commercial Items applies to this acquisition. The additional clauses cited within this clause are applicable: 52.203-3 and 252.232-7003. The following additional FAR and DFARS clauses apply: FAR 52.204-7 Central Contractor Registration, FAR 52.217-9 Option to Extend the Term of the Contract (insert “the period of performance” for the notice in paragraph (a) and 1 year in paragraph (c)), FAR 52.233-3, Protest After Award (AUG 1996) and 252.204-7004 Alternate A. Quotes submitted in response to this RFQ must contain a technical and price section. The technical section should describe a product that meet the Government’s requirement. The technical section should also contain marketing, promotional, or other information of the proposed website vulnerability analysis tool to show that it meets the requirements of this solicitation. The price section should contain the Offeror’s price which is segregated to show the price associated with the base period and the price associated with the option period. The quote package should also include completed Representations and Certification in accordance with FAR 52.212-3 Offeror Representations and Certifications--Commercial Items and DFARS 252.212-7000 Offeror Representations and Certifications--Commercial Items., which are available electronically at: http://heron.nrl.navy.mil/contracts/repsandcerts.htm, and the Offeror must complete the ONR specific representations and certifications found at http://www.onr.navy.mil/02/rep_cert.asp; and an affirmation that it has an active registration on the Central Contractor Registration (CCR), which is at the website www.ccr.gov. The quote should be no more than a total of ten (10) pages. The technical section should be no more than nine (9) pages and the cost section should be no more than one (1) page. The Representations and Certification is excluded from the page count. Offerors who deviate from the Government’s requirement should provide an explanation in the quote package. A contract will be awarded to the responsible Offeror whose offer represents the best value to the Government. In order to determine which Offeror represents the best overall value to the Government, offers will be evaluated in accordance with the following evaluation criteria: (1) automated code scans for possible open variables; (2) Enterprise coverage for source code analysis to support both the ONR WebTeam (ASP/.NET) and Oracle; (3) discover security flaws that would allow further Sequel Query Language (SQL) injections or other hacks; (4) software security processes that will allow an assured, locked code set to be used on ONR web servers; (5) audit and notification of source code scans; (6) automated risk assessment scans by the Information Assurance Management (IAM) staff; (7) approved in the Department of Navy (DoN) Application and Database Management System (DADMS); (8) support DoD Information Technology Security Certification and Accreditation Process (DTISCAP)/DoD Information Assurance Certification and Accreditation process (DIACAP), Federal Information Security Management Act (FISMA) processes, and (9) price. Evaluation criteria (1) through (8) are of equal importance and these eight (8) criteria as a whole are more important than price. The Contract Specialist must receive any questions concerning the RFQ no later than three (3) business days before the response date of this solicitation. An original and five (5) copies of the Offeror’s quote shall be received at the Office of Naval Research, Attention: Ms. Gail Cunningham – Code BD 0251, 875 North Randolph Street, Suite W1278B, Arlington, VA 22203-1995 no later than 2:00 PM (eastern standard time) on Thursday, 25 September 2008. The package should be marked with the solicitation number and due date. The U.S. Postal Service continues to irradiate letters, flats, Express and Priority Mail with stamps for postage and other packages destined to government agencies. Due to potential delays in receiving mail, Offerors are encouraged to use alternatives to the mail, such as delivery services, when submitting proposals. Offerors may also hand-deliver their proposals at the mailing address above provided they pre-arrange a time and date prior to the closing of the solicitation with the Contract Specialist, Ms. Cunningham, at gail.cunningham@navy.mil or (703) 696-0814. No emailed or faxed proposals will be accepted. The award is anticipated to be made on or about 30 September 2008.
 
Web Link
FedBizOpps Complete View
(https://www.fbo.gov/?s=opportunity&mode=form&id=74357e74541858c36654b5d95f651d1a&tab=core&_cview=1)
 
Record
SN01675500-W 20080920/080918224208-74357e74541858c36654b5d95f651d1a (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.