Vulnerability Disclosure Program (VDP) Enterprise Management System (EMS)
ID: FA701425RVDPEType: Combined Synopsis/Solicitation
Overview

Buyer

DEPT OF DEFENSEDEPT OF THE AIR FORCEFA7014 AFDW PKANDREWS AFB, MD, 20762-6604, USA

NAICS

Other Computer Related Services (541519)

PSC

IT AND TELECOM - BUSINESS APPLICATION SOFTWARE (PERPETUAL LICENSE SOFTWARE) (7A21)

Original Source

https://sam.gov/workspace/contract/opp/ce0a3ccd33f24d15b88cf887cea9c881/view
Timeline
    Description

    The Department of Defense, specifically the Department of the Air Force, is seeking proposals for a Vulnerability Disclosure Program (VDP) Enterprise Management System (EMS) to support its Cyber Crime Center (DC3). The procurement aims to secure a commercial solution that includes vulnerability submission workflows, researcher engagement tools, and advanced reporting capabilities for both the DoD and Defense Industrial Base (DIB) VDPs. This initiative is crucial for enhancing the security of the DoD Information Network and leveraging crowdsourced cybersecurity expertise. Proposals are due by January 9, 2026, at 1600 EST, and interested parties should direct inquiries to Phelicha Silva at phelicha.silva@us.af.mil or Ryan Amos at ryan.amos.5.ctr@us.af.mil. Please note that funding for this contract is contingent upon the availability of appropriated funds.

    Point(s) of Contact
    Phelicha Silva
    phelicha.silva@us.af.mil
    Ryan Amos
    ryan.amos.5.ctr@us.af.mil
    Files
    Title
    Posted
    Attachment 1 VDP EMS Performance Work Statement (PWS).pdf
    This Performance Work Statement outlines the requirements for a contractor to provide a Vulnerability Disclosure Program (VDP) Enterprise Management System for the Department of Defense (DoD) Cyber Crime Center (DC3). The VDP aims to enhance the security of the DoD Information Network and Defense Industrial Base networks by leveraging crowdsourced cybersecurity expertise. The contractor will provide two enterprise management system licenses/subscriptions, vulnerability submission and management workflows, community engagement features, integration capabilities, mediation support, and tools for vulnerability triage and resolution. Key deliverables include the licenses, workflows, kickoff meeting arrangements, and transition plans. The contract has a 12-month base period with multiple option periods, and performance will occur at both contractor and government sites. Security, compliance, and quality assurance are critical components of the contract.
    Attachment 2 CLIN Worksheet.xlsx
    The Attachment 2 CLIN Worksheet outlines the pricing structure for the Vulnerability Disclosure Program (VDP) Enterprise Management Solution (EMS). It details a base year from February 2026 to January 2027, followed by four option years, each covering the DoD and DIB VDP Software License Subscriptions. The worksheet emphasizes the offeror's responsibility to ensure accurate calculations for all line items and includes an automatic calculation for a six-month extension, in accordance with FAR 52.217-8, based on half of the final option year's proposed amount. While quantities are set at one for each subscription, the prices are currently listed as $0.00, indicating that offerors are expected to fill in their proposed unit prices to determine the total contract value over the entire period of performance.
    RFQ COMBO_VDP EMS.pdf
    The Department of the Air Force seeks a Firm-Fixed Price contract for a Vulnerability Disclosure Program (VDP) Enterprise Management Solution (EMS) to support the DoD Cyber Crime Center (DC3). This solicitation (FA701425RVDPE) aims to secure annual licenses/subscriptions for two VDP EMS instances (DoD VDP and DIB VDP). The solution must offer vulnerability submission workflows, researcher engagement tools, advanced analytics, and dedicated support. The contract includes a base year (February 2026 – January 2027) and four option years, plus a six-month extension. Proposals are due by January 9, 2026, 1600 EST. Evaluation prioritizes technical merit (technical and management approach) over cost, with technical factors being significantly more important.
    Lifecycle
    Title
    Type
    Vulnerability Disclosure Program (VDP) Enterprise Management System (EMS)
    Currently viewing
    Combined Synopsis/Solicitation
    Similar Opportunities
    ManageEngine Service Desk Plus Enterprise Edition
    Dept Of Defense
    The Department of Defense, specifically the Naval Air Warfare Center Aircraft Division, is seeking proposals for the procurement of ManageEngine Service Desk Plus Enterprise Edition under a firm-fixed-price contract. This procurement involves an annual subscription model for 65 technicians and 4000 nodes, aimed at renewing the government's current software subscription, which is set to expire on April 18, 2026. The software is critical for enhancing IT service management capabilities within the agency's infrastructure. Interested vendors must submit their proposals electronically by 12:00 PM EST on January 8, 2026, to Eric Daly at eric.m.daly6.civ@us.navy.mil, ensuring they meet all outlined requirements and are authorized distributors of the specified software.
    Protecting Army Modernization and Supply Chains- Commercial Solutions Opening (CSO)
    Dept Of Defense
    The Department of Defense, through the Army Contracting Command, is seeking innovative solutions to enhance cybersecurity within the Defense Industrial Base (DIB) as part of the Protecting Army Modernization and Supply Chains initiative. This opportunity invites proposals for automated cybersecurity measures that comply with critical standards such as NIST controls and Cybersecurity Maturity Model Certification (CMMC), aimed at supporting small businesses in mitigating cyber threats while ensuring the protection of intellectual property and secure access. The initiative is crucial for safeguarding defense technologies and ensuring the rapid delivery of military capabilities, with submissions accepted until March 6, 2030. Interested parties can contact the Army NCODE Team at usarmy.apg.acc.mbx.dc3oe-ncode-cso@army.mil for further information.
    Trusted and Elastic Military Platforms and Electronic Warfare (EW) System Technologies (TEMPEST)
    Dept Of Defense
    The Department of Defense, specifically the Air Force Research Laboratory (AFRL), is seeking proposals for the Trusted and Elastic Military Platforms and Electronic Warfare (EW) System Technologies (TEMPEST) initiative. This program aims to develop methodologies and technologies to enhance the cyber security and resilience of avionics systems across various platforms, including manned, unmanned, and ISR systems, with a focus on mitigating vulnerabilities and advancing sensor technologies. The estimated program value is approximately $808.5 million, with multiple awards ranging from $1 million to $200 million, and proposals will be accepted through subsequent calls until November 1, 2025. Interested parties can reach out to Timothy Matelski at timothy.matelski@us.af.mil or Richard Bailey at richard.bailey.26@us.af.mil for further inquiries.
    16th Air Force Commercial Solutions Opening
    Dept Of Defense
    The Department of Defense, specifically the 16th Air Force, is issuing a Commercial Solutions Opening (CSO) to solicit innovative solutions aimed at enhancing the Air Force Information Network (AFIN) operations and Defense Cyberspace Operations (DCO). The primary objective is to address evolving cyber threats by improving resource allocation, addressing skill gaps, and enhancing training and defensive cyber capabilities. This opportunity is crucial for acquiring advanced technologies and services that can streamline operations and bolster the Air Force's mission capabilities. Interested parties can submit proposals for Call 0005, which is open for submissions from December 12, 2025, to January 26, 2026, and should contact Carissa Heuertz or Brian Cook at 16af.cso.workflow@us.af.mil for further information.
    Electronic Armor (EA) Software Support
    Dept Of Defense
    The Department of Defense, through the Naval Surface Warfare Center Dahlgren Division (NSWCDD), is seeking proposals for Electronic Armor (EA) Software Support, specifically for the integration and enhancement of Nightwing Intelligence Solutions, LLC software. The procurement aims to provide commercial engineering services to customize and secure the Electronic Armor Operating System (EA-OS) over a 12-month period, ensuring compatibility with existing systems and supporting Linux environments. This opportunity is critical for maintaining the security and functionality of defense software systems, with a firm fixed price contract anticipated to be awarded by January 15, 2026. Interested parties must submit their proposals by January 9, 2026, and direct any inquiries to Susan Madison at susan.h.madison.civ@us.navy.mil or by phone at (540) 613-3296.
    Case Development Modernization (CDM) and Case Lifecycle Task Management & Document Repository
    Dept Of Defense
    The Department of Defense, through the Washington Headquarters Services (WHS), is seeking qualified vendors for the Case Development Modernization (CDM) and Case Lifecycle Task Management & Document Repository project. This initiative aims to modernize the Defense Security Assistance Management System (DSAMS) by replacing outdated systems and enhancing the Foreign Military Sales (FMS) case lifecycle through a modular, service-based architecture that integrates with various external systems. The project emphasizes a "make" strategy for core capabilities while remaining open to low-code and SaaS solutions for task management and document repository functions, with a target contract award in FY2026. Interested parties should note that a Secret clearance level is required for personnel, and further details can be found in the attached documents from the recent Industry Day held on December 19, 2025.
    DARPA's Commercial Solutions Opening (DCSO) for Commercial Strategy
    Dept Of Defense
    The Defense Advanced Research Projects Agency (DARPA) is soliciting proposals under its Commercial Solutions Opening (DCSO) for transitioning and commercializing innovative solutions derived from DARPA-funded research and development efforts. The primary objective is to close military and civilian capability gaps by leveraging commercial solutions, with a particular focus on the Embedded Entrepreneur Initiative (EEI), which funds entrepreneurs to assist in commercialization efforts. This initiative is crucial for enhancing national security and economic growth by bridging the gap between innovation and practical application. Proposals are due by April 30, 2026, and must adhere to the updated solicitation requirements, including a detailed Statement of Work and pricing documentation. Interested parties can contact Melissa Ramirez at DARPACSO@darpa.mil for further information.
    Advanced Cyber Effects for Strategic Operations (ACESO)
    Dept Of Defense
    The Department of Defense, specifically the Department of the Air Force, is seeking white papers for the Advanced Cyber Effects for Strategic Operations (ACESO) program under the Advanced Research Announcement (ARA) FA8750-25-S-7005. This initiative aims to develop cyber operations prototypes that can be transitioned into operational DoD platforms to enhance superiority in the Cyber Domain, focusing on technologies such as assured and zero-trust infrastructure, Command, Control, Communications, Computers, and Intelligence (C4I), and Offensive Cyber Operations. With an estimated total funding of approximately $950 million, individual awards are expected to range from $10 million to $50 million, with the potential for awards up to $99.98 million, and the program is open for submissions until July 10, 2030. Interested parties should direct technical inquiries to Tanya Macrina at AFRL.RI.ACESO@us.af.mil and business inquiries to Amber Buckley at Amber.Buckley@us.af.mil.
    2024 Department of Homeland Security (DHS) Directorate of Science and Technology (S&T) Long Range Broad Agency Announcement (LRBAA) 24-01
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is seeking proposals through its Long Range Broad Agency Announcement (LRBAA) 24-01, aimed at funding scientific and technical projects that enhance homeland security capabilities. This five-year initiative, open until May 31, 2029, focuses on three types of research: near-term component gaps, foundational science, and future needs/emerging threats, covering key mission areas such as Counter Terrorism, Border Security, and Cyberspace Security. The submission process involves a three-step approach: Industry Engagement, Virtual Pitch, and Written Proposal, with eligibility extended to various entities, including small businesses. Interested parties can contact John Whipple at john.whipple@hq.dhs.gov or the LRBAA Program Mailbox at LRBAA.Admin@HQ.DHS.GOV for further information.
    DLA Research and Development; Acquisition Modernization Technology Research (AMTR) SP4701-23-B-0001
    Dept Of Defense
    The Department of Defense, through the Defense Logistics Agency (DLA), is seeking proposals for the Acquisition Modernization Technology Research (AMTR) program under solicitation SP4701-23-B-0001. This initiative aims to enhance defense acquisition processes by identifying and implementing IT modernization efforts and advanced technologies that align with strategic focus areas, particularly in logistics and supply chain management. The AMTR program is critical for addressing the evolving operational requirements of the DLA, with a projected funding of up to $50 million per year for three years, covering Fiscal Years 2024-2026. Interested vendors must submit full cost and technical proposals via email to the designated contacts by the initial closing date, with the BAA remaining open for five years and subsequent opportunities for White Papers after the initial evaluation period.