Background

[BKozisek7]

Question/Comment on TTS Bug Bounty RFQ

Name and affiliation

Brett Kozisek
Director
Synack Inc.

Section of RFQ documents

RFQ Section 2.0 - Background - https://github.com/18F/tts-buy-bug-bounty/blob/master/2018-procurement/RFQ.md#20-background Third paragraph in this section there is a statement that states “a contractor provides a Bug Bounty SaaS platform that can achieve the goals of the TTS while providing the best value to the government must be one that is well-established.”

Question/Comment

What metrics will the government use to define a well established Bug Bounty SaaS platform besides the size of the pool of researchers in the community that would use the platform?

[MichelleMcNellis]

TTS intends to make a qualitative determination about whether a vendor is well-established rather than relying primarily on metrics as outlined within RFQ Section 5.0 Evaluation Process.