Open BKozisek7 opened 5 years ago
The requirement is to comply with RFQ Section 12 - Addendum - Commercial Contract Clauses, IT Security Procedural Guide 09-48, Security and Privacy Requirements for IT Acquisition Efforts, Low Impact Software as a Service (LiSaaS) – IT Security and Privacy Requirements.
Question/Comment on TTS Bug Bounty RFQ
Name and affiliation
Brett Kozisek Director Synack Inc.
Section of RFQ documents
RFQ Section 5.1 - Phase 1 Technical Evaluation platform requirements - https://github.com/18F/tts-buy-bug-bounty/blob/master/2018-procurement/RFQ.md#51---phase-1-technical-evaluation it states in sub bullet two “Maintaining a reliable, secure bug bounty SaaS platform.
Question/Comment
Can the government define the requirements the solution must meet in order to be compliant with the reference of Maintaining a reliable, secure bug bounty SaaS platform”?