Vulnerability disclosure policies and vulnerability databases



Mar 15, 2021

OPEN Tender Procedure

Maximum budget €125.000,00

With this tender, ENISA aims to procure supporting services to take stock of existing policies and good practices on Coordinated Vulnerability Disclosure (CVD), in the EU Member States and outside the EU, as well as taking stock of the existing national, regional and global vulnerability registers and databases, and the formats, metrics, procedures used in these registers and databases.This tender has two main objectives:

Stocktaking of vulnerability disclosure policies and good practices in the EU: To draw up a report on existing national vulnerability disclosure policies and processes looking at how they work, what are good practices and lessons learned, what are challenges, legal issues, etc. This stock tacking will cover all EU countries, and some relevant third countries.

Stocktaking of global, regional and national vulnerability databases and registers: To draw up a report on existing national, regional and global vulnerability registers and databases, including an overview of formats and metrics used, to keep track of vulnerabilities and provide stakeholders with relevant information about them.

The tender documentation is officially available via the TED 'eTendering' platform, which gives exclusive access to the eSubmission portal for submitting your offer - please use this link:

The documentation is also provided for reference purposes only, by clicking on the title link above.

 Offers shall be sent electronically using 'e-Submission' ONLY

No file

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information