The European tender concerns the delivery of vulnerability scanning software (lot 1), pen testing services highly sensitive (lot 2) and standard pen testing services (lot 3).

We define vulnerability scanning as the (continuous) automated checking of the security of IT systems and / or IT infrastructure with a vulnerability scanner.

Pentesting services include the attempt by a qualified pentester to find and exploit vulnerabilities in systems in a manner consistent with the approach of a malicious hacker.

Vulnerability scanning software is software with which (continuous) automated checks are made on the safety of IT systems and / or IT infrastructure.

Pentesting service provision highly sensitive (lot 2) includes attempting to find vulnerabilities in systems through a qualified pentester and to exploit them in a way that is similar to the approach of an evil hacker. This parcel is about systems and applications with trade secrets and / or state secrets.

Pentesting service standard (Lot 3) includes attempting to find and exploit system vulnerabilities by a qualified pentester in a manner consistent with the approach of a malicious hacker. This parcel is standard pen testing, not being pen testing in systems and applications with trade secrets and / or state secrets.