Vulnerability disclosure policies and vulnerability databases



Mar 15, 2021

OPEN Tender Procedure

Maximum budget €125.000,00

With this tender, ENISA aims to procure supporting services to take stock of existing policies and good practices on Coordinated Vulnerability Disclosure (CVD), in the EU Member States and outside the EU, as well as taking stock of the existing national, regional and global vulnerability registers and databases, and the formats, metrics, procedures used in these registers and databases.This tender has two main objectives:

Stocktaking of vulnerability disclosure policies and good practices in the EU: To draw up a report on existing national vulnerability disclosure policies and processes looking at how they work, what are good practices and lessons learned, what are challenges, legal issues, etc. This stock tacking will cover all EU countries, and some relevant third countries.

Stocktaking of global, regional and national vulnerability databases and registers: To draw up a report on existing national, regional and global vulnerability registers and databases, including an overview of formats and metrics used, to keep track of vulnerabilities and provide stakeholders with relevant information about them.

The tender documentation is officially available via the TED 'eTendering' platform, which gives exclusive access to the eSubmission portal for submitting your offer - please use this link:

The documentation is also provided for reference purposes only, by clicking on the title link above.

 Offers shall be sent electronically using 'e-Submission' ONLY

No file

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies