| NAICS: 541511 - Custom Computer Programming Services |
Competition: YES |
|
Small Business Set-Aside: Full
|
Small Business Program: SB |
| Contract Vehicle: GWAC |
Contract Type: Firm Fixed Price |
|
Contract Status:
New Requirement
|
Anticipated Award Quarter: Q4 FY2025 |
| Estimated Solicitation Release: 2025-07-29 |
Contract Complete: 2026-09-27 |
| Requirements Title: Application Security Platform (ASP) Static Application Security Testing |
| Description: USCIS has a requirement for Application Security Platform testing. Application Security Platform (ASP) Static Application Security Testing. USCIS requires a cloud native unified application security platform which can be hosted within USCIS's Amazon Virtual Private Cloud. USCIS's applications are made up of many different components (e.g., custom source code, Infrastructure as Code, APIs, Open-source libraries). This poses a challenge for USCIS as the attack surface has expanded and become more complex. USCIS needs a solution that will automatically show how the different components of the application interact with each other and where/how they are deployed. Software Composition Analysis. USCIS requires a Software Composition Analysis solution that provides real time threat intelligence on malicious packages, in addition to traditional vulnerability assessments of open-source libraries and applications. The threat landscape has evolved and in recent years there has been a rise in adversaries imbedding malicious code into popular open-source libraries as a backdoor into the enterprise. To stay ahead of this threat, a unified application security platform that encompasses SAST and SCA will allow USCIS to quickly visualize how an application operates, and where lateral movement could occur. Without this capability, USCIS will be unable to understand the context of identified vulnerabilities and will struggle to prioritize remediation efforts.
This requirement would normally be announced as a FIRSTSOURCE opportunity. Due to FIRSTSOURCE II expiring and FIRSTSOURCE III not available to use, USCIS is establishing this record for industry’s awareness with uncertainties as to which acquisition vehicle will be used. USCIS will update this record when the appropriate vehicle is determined. |
| Estimated Dollar Range:
$2,000,000.00 to $5,000,000.00
|
Place of Performance: Camp Springs, MD
|
| POC Name: Jose M Soiza Soiza |
Alternate POC Name: Sylwia Salkic |
| POC Phone: (202) 870-6392 |
Alternate POC Phone: (802) 872-4134 |
| POC Email: [email protected] |
Alternate POC Email: [email protected] |
