To support and enhance Finnish Tax Administration's IT security on its various public web services, Finnish Tax Administration is acquiring a service provider to handle crowdsourced security testing program. The acquired service must fulfill the requirements for running and developing Tax Administration's multiple Bug Bounty campaigns. The goal for Finnish Tax Administration is to develop its security-testing procedures. As a new operational model, Finnish Tax Administration has started to use crowdsourced security testing. Crowdsourced security testing (Bug Bounty Program) includes several Bug Bounty campaigns and separate security testing events. The goal is to get a better coverage on security testing. With bug bounties, it is possible to get hold of hackers with different set of skills. It is possible to get hackers testing with wide-ranging techniques. The plan is to arrange and maintain bug bounty campaigns against Finnish Tax Administration's different ICT-services.
Määräaika
Tarjousten vastaanottamisen määräaika oli 2019-02-20.
Hankinta julkaistiin 2019-01-18.
Toimittajat
Seuraavat toimittajat mainitaan hankintapäätöksissä tai muissa hankinta-asiakirjoissa:
Kohde Hankinnan laajuus
Otsikko: Bug Bounty program
VH/45/02.10.01/2019
Tuotteet/palvelut: Tietotekniikkapalvelut📦
Lyhyt kuvaus:
“To support and enhance Finnish Tax Administration's IT security on its various public web services, Finnish Tax Administration is acquiring a service...”
Lyhyt kuvaus
To support and enhance Finnish Tax Administration's IT security on its various public web services, Finnish Tax Administration is acquiring a service provider to handle crowdsourced security testing program. The acquired service must fulfill the requirements for running and developing Tax Administration's multiple Bug Bounty campaigns. The goal for Finnish Tax Administration is to develop its security-testing procedures. As a new operational model, Finnish Tax Administration has started to use crowdsourced security testing. Crowdsourced security testing (Bug Bounty Program) includes several Bug Bounty campaigns and separate security testing events. The goal is to get a better coverage on security testing. With bug bounties, it is possible to get hold of hackers with different set of skills. It is possible to get hackers testing with wide-ranging techniques. The plan is to arrange and maintain bug bounty campaigns against Finnish Tax Administration's different ICT-services.
Näytä lisää
Arvioitu arvo ilman arvonlisäveroa: EUR 150 000 💰
1️⃣
Suorituspaikka: Suomi/Finland🏙️
Hankinnan kuvaus:
“Finnish Tax Administration is heavily investing on digitalization. There are several development programs ongoing and due to security being one of the main...”
Hankinnan kuvaus
Finnish Tax Administration is heavily investing on digitalization. There are several development programs ongoing and due to security being one of the main factors, Finnish Tax Administration is constantly developing and improving issues relating to security. One of the targets is to get even better coverage for security testing. A part of fulfilling this target is to execute Bug Bounty campaigns within the program against specified online services of the Finnish Tax Administration. Finnish Tax Administration's aim is to acquire a service provider that can help on our bug bounties to be well handled and tempting targets for the testers. This requires a high-level quality on both the providers and Tax Administration's side. Finnish Tax Administration is looking for a provider that will manage the bug bounties and provide reports from the possible findings to Tax Administration. Therefore, service providers' tasks include, at least creating rules, scope, and bounty value table and consulting the correct bounty values from valid reports together with Finnish Tax Administration. Service providers tasks would then include at least launching the program in the selected platform, handling things related to hackers (for example credentials and communication), identifying findings and reporting them to Finnish Tax Administration.
Näytä lisää Myöntämisperusteet
Hinta ei ole ainoa myöntämisperuste, ja kaikki perusteet ilmoitetaan ainoastaan hankinta-asiakirjoissa
Kesto
Aloituspäivä: 2019-04-01 📅
Loppupäivä: 2021-03-31 📅
Oikeudelliset, taloudelliset, rahoitukselliset ja tekniset tiedot Osallistumisehdot
Luettelo ja lyhyt kuvaus olosuhteista:
“Tenderer's suitability requirements are described in the ESPD form (European Single Procurement Document).” Taloudellinen ja rahoituksellinen asema
Hankinta-asiakirjoissa mainitut valintaperusteet
Tekninen ja ammatillinen pätevyys
Hankinta-asiakirjoissa mainitut valintaperusteet
Sopimukseen liittyvät ehdot
Sopimuksen täytäntöönpanoehdot:
“The Finnish Tax Administration selects one (1) supplier with whom it will enter into an agreement. A draft agreement is attached to this call for tenders as annex 1.”
Sopimuksen täytäntöönpanoehdot
The Finnish Tax Administration selects one (1) supplier with whom it will enter into an agreement. A draft agreement is attached to this call for tenders as annex 1.
Menettely Toimenpiteen tyyppi
Avoin menettely
Hallinnolliset tiedot
Tarjousten tai osallistumishakemusten vastaanottamisen määräaika: 2019-02-20
12:00 📅
Kielet, joilla tarjoukset tai osallistumishakemukset voidaan jättää: englanti 🗣️
Kielet, joilla tarjoukset tai osallistumishakemukset voidaan jättää: suomi 🗣️
Jäljempänä oleva aikataulu on ilmaistu kuukausina.
Vähimmäisaika, jonka kuluessa tarjoajan on pidettävä tarjous voimassa: 6
Tarjousten avaamista koskevat ehdot: 2019-02-20
13:00 📅
Tarjousten avaamista koskevat ehdot (paikka): The opening of the tenders is not a public event.
Täydentävät tiedot Tietoa sähköisistä työnkuluista
Sähköistä tilaamista käytetään
Sähköinen laskutus hyväksytään
Sähköistä maksua käytetään
Arvostelurunko
Nimi: The Market Court
Postiosoite: Radanrakentajantie 5
Postitoimipaikka: Helsinki
Postinumero: 00520
Maa: Suomi 🇫🇮
Puhelin: +358 295643300📞
Sähköposti: markkinaoikeus@oikeus.fi📧
Faksi: +358 295643314 📠
URL: http://www.oikeus.fi/markkinaoikeus🌏 Uudelleentarkastelumenettely
Tarkat tiedot uudelleentarkastelumenettelyjen määräajasta (määräajoista):
“Review of the decision on public contract or other decision made during the award procedure may be sought by requesting correction from the contracting...”
Tarkat tiedot uudelleentarkastelumenettelyjen määräajasta (määräajoista)
Review of the decision on public contract or other decision made during the award procedure may be sought by requesting correction from the contracting entity in accordance with the Act on Public Contracts and Concession Contracts (the Public Contracts Act, 1397/2016). In those cases where the value of the contract exceeds the threshold amount set out in section 25 and 26 of the Act, appeal may also be made to the Market Court within 14 days after contract award.
Näytä lisää
Lähde: OJS 2019/S 015-031460 (2019-01-18)
Ilmoitus tehdystä sopimuksesta (2019-07-11) Kohde Hankinnan laajuus
Otsikko: Bug Bounty Program
Lyhyt kuvaus:
“To support and enhance Finnish Tax Administration's IT security on its various public web services, Finnish Tax Administration is acquiring a service...”
Lyhyt kuvaus
To support and enhance Finnish Tax Administration's IT security on its various public web services, Finnish Tax Administration is acquiring a service provider to handle crowdsourced security testing program. The acquired service must fulfill the requirements for running and developing tax administration's multiple bug bounty campaigns. The goal for Finnish Tax Administration is to develop its security-testing procedures. As a new operational model, Finnish Tax Administration has started to use crowdsourced security testing. Crowdsourced security testing (bug bounty program) includes several bug bounty campaigns and separate security testing events. The goal is to get a better coverage on security testing. With bug bounties, it is possible to get hold of hackers with different set of skills. It is possible to get hackers testing with wide-ranging techniques. The plan is to arrange and maintain bug bounty campaigns against Finnish Tax Administration's different ICT-services.
Näytä lisää
Hankinnan kokonaisarvo (ilman arvonlisäveroa): EUR 150 000 💰
Kuvaus
Hankinnan kuvaus:
“Finnish Tax Administration is heavily investing on digitalization. There are several development programs ongoing and due to security being one of the main...”
Hankinnan kuvaus
Finnish Tax Administration is heavily investing on digitalization. There are several development programs ongoing and due to security being one of the main factors, Finnish Tax Administration is constantly developing and improving issues relating to security. One of the targets is to get even better coverage for security testing. A part of fulfilling this target is to execute bug bounty campaigns within the program against specified online services of the Finnish Tax Administration. Finnish Tax Administration's aim is to acquire a service provider that can help on our bug bounties to be well handled and tempting targets for the testers. This requires a high-level quality on both the providers and Tax Administration's side.
Näytä lisää Myöntämisperusteet
Laatukriteeri (nimi): Quality
Laatukriteeri (painotus): 30
Hinta (painotus): 70
Menettely Hallinnolliset tiedot
Tätä menettelyä koskeva aiempi julkaisu: 2019/S 015-031460
Sopimuksen tekeminen
1️⃣
Otsikko: Bug Bounty Program
Sopimuksen tekopäivä: 2019-07-10 📅
Tietoa tarjouskilpailuista
Saatujen tarjousten määrä: 1
Toimeksisaajan nimi ja osoite
Nimi: Second Nature Security Oy
Kansallinen rekisterinumero: 2324099-8
Postitoimipaikka: Espoo
Maa: Suomi 🇫🇮
Alue: Suomi/Finland🏙️
Toimeksisaaja on pk-yritys
Tiedot sopimuksen/erän arvosta (ilman alv:tä)
Sopimuksen/osuuden kokonaisarvo: EUR 150 000 💰
Täydentävät tiedot Uudelleentarkastelumenettely
Tarkat tiedot uudelleentarkastelumenettelyjen määräajasta (määräajoista):
“Review of the decision on public contract or other decision made during the award procedure may be sought by requesting correction from the contracting...”
Tarkat tiedot uudelleentarkastelumenettelyjen määräajasta (määräajoista)
Review of the decision on public contract or other decision made during the award procedure may be sought by requesting correction from the contracting entity in accordance with the Act on Public Contracts and Concession Contracts (the Public Contracts Act, 1397/2016). In those cases where the value of the contract exceeds the threshold amount set out in Section 25 and 26 of the Act, appeal may also be made to the market court within 14 days after contract award.
Näytä lisää
Lähde: OJS 2019/S 134-330097 (2019-07-11)