GSA Conducting Market Research on Application Security Testing Solutions

The General Services Administration has issued a request for information for application security testing capabilities. 

GSA explained that federal agencies already use sophisticated tools for weeding out detectable vulnerabilities from applications.

However, the government cannot rely solely on automation and must also bring in deep cybersecurity expertise for manual analysis, according to the RFI posted on SAM .gov.

GSA said it is conducting market research on both automated tools and expert manual analysis. The effort is aimed at helping federal agencies make sense of the complex marketplace and make the most out of what is available.

In the SAM .gov post, GSA attached a questionnaire with a checklist of desired capabilities and sections where vendors can describe their offerings in technical detail.

The agency said that not all of the questionnaire’s 50 questions are applicable to every offering, noting that niche solutions may provide value due to the uniqueness of some federal systems.

Responses are due Sept. 30.

GSA issued the RFI as government agencies work to comply with President Joe Biden’s May 2021 cybersecurity executive order.

The executive order calls for more partnerships with the private sector and for the adoption of zero trust security models, multi-factor authentication and other modern cybersecurity measures.