Cabinet Office to ‘fill gaps’ in vulnerability scanning of technology

Written by PublicTechnology staff on 29 March 2023 in News

New deal covers 13,500 end-user and on-site devices, AWS accounts and public-facing domains 

Credit: Willi Heidelbach/Pixabay

The Cabinet Office has awarded a £438,488 contract for a cloud-based vulnerability exposure platform, allowing it to look for cybersecurity weaknesses across its technology infrastructure.

According to the statement of requirements published with the contract-award notice, the department’s cyber security team has been using an on-premises vulnerability scanner which could only assess public-facing domains and included “a very small number of licences” for US firm's specialist Tenable’s exposure management platform. 

The new service – also based on Tenable technology, under licence from IT reseller Softcat, for up to two years – will be able to assess around 15,000 asset across the Cabinet Office, including Government Digital Service. This includes 12,500 end-user devices, 1,000 on-site physical devices, 1,000 Amazon Web Services accounts and 300 public-facing domains.

Related content

The statement of requirements said that this will support the Cabinet Office’s aim of developing vulnerability management “beyond MVP” (minimum viable product) and “where appropriate, fill in the remaining gaps that exist with our existing capabilities”.

The document said that only 5,000 assets will be included within the first year of the contract, with the full number reached in the second year. It also estimated that the contract would rather than in mid-March.

A quotation from Softcat for the work, produced on 26 January and also published with the contract award notice, shows that the service will use Tenable One Enterprise and that Softcat offered a two-year price of £302,321. 



Share this page




Please login to post a comment or register for a free account.

Related Articles

Ministers pledge to remove Chinese tech from government sites
9 June 2023

Move comes alongside plan to create national security-focused procurement team

Cost of developing emergency alerts system pegged at £25m
5 June 2023

Minister reveals up more than £4m spent on testing, security and other support contracts

‘Extremely concerned and disappointed’ – more councils caught up in Capita breach
24 May 2023

Authorities have complained about the lack of time taken to be notified by IT firm and wrongly being told personal data was not put at risk 

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...