Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



NATO Seeks Contractors to Test Security of Web Assets

NATO is looking for penetration testing vendors to assess the security of its internet-facing web assets.

The North Atlantic Treaty Organization (NATO) is looking for penetration testing vendors to assess the security posture of its internet-facing web assets.

A notice posted by the US Department of Commerce (DOC) last week shows that the NATO International Military Staff (IMS) plans to launch an invitation for International Competitive Bidding (ICB) in this regard.

“The requirement is to assess the cybersecurity posture of NATO internet-facing web assets through controlled penetration testing,” the notice reads.

For this job, NATO is looking for contractors that have a base in the US, which have been pre-approved for participation, and which have a declaration of eligibility (DOE) issued by the DOC.

Interested parties need to be pre-approved by the US government for participation in NATO ICB, on a facility-by-facility basis.

“The contract will be awarded for the lowest technically compliant bid. No partial bidding will be allowed,” the notice reads.

In support of their one-time application, contractors are required to provide a resume or statement indicating completed contracts and an annual report or financial documents indicating an independent audit.

Advertisement. Scroll to continue reading.

Interested parties have until April 25 to submit their applications to the DOC, which oversees the approval process.

The contract will be awarded for one year, with two one-year extension options.

Related: NATO’s Team in Albania to Help on Iran-Alleged Cyberattack

Related: China Not Happy With South Korea Joining NATO Cyber Defense Center

Related: Over 30 Countries Take Part in NATO’s ‘Locked Shields 2022’ Cyber Exercise

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...