FDIC Fortify on Demand Subscription Maintenance

The document outlines a nonpublic procurement requirement by the FDIC for the Fortify on Demand vulnerability scanning platform, integral to its Application Security Program. It includes specifications for a subscription and support services over a defined period from November 1, 2025, to October 31, 2026. The price schedule provides details on various line items including 100+ assessment units with managed support and enhanced support, though specific total pricing is not listed. This procurement is categorized under subscription goods and services, indicating a focus on ongoing support and updates essential for maintaining the application security infrastructure. The outlined requirements align with standard government contracting processes for securing software and services necessary for federal operations.

This document outlines the solicitation and award details for a contract between the Federal Deposit Insurance Corporation (FDIC) and a contractor for providing vulnerability scanning services through "Fortify on Demand," a subscription-based platform. It specifies the contract number, effective dates, and delivery requirements, as well as the socio-economic status of the contractor. The document includes detailed sections on supplies and services, including pricing, delivery schedules, payment information, and associated clauses. Key points address requirements for bid submission, the method of invoice submission, and contractor responsibilities regarding inspection and acceptance of services. It underscores the importance of compliance with security, privacy, and environmental standards, particularly for IT services. Obligations surrounding the safeguarding of sensitive information are also emphasized. The contractor is required to provide documentation for payments and must comply with various federal regulations, including the Anti-Kickback Act. Overall, this solicitation document serves to establish the parameters and requirements for the contract in accordance with federal guidelines, ensuring that the awarded services meet FDIC standards and protects sensitive information throughout the contract period. It reflects the FDIC's commitment to secure and effective IT solutions while maintaining compliance with federal laws and regulations.