RFQ 26-04668 for Vulnerability Management Program Support and Penetration Testing Services

Solicitation: Not available

Notice ID: ma_commbuys_7deb5eadd55cd909020d

NAICS • 80, 11, 18Set-Aside • SBPP Eligible: NO Department • Executive Office of Technology Services and Security Agency • ITD0001 - Executive Office of Technology Services and Security State • MAPosted • —Due • Apr 08, 2026, 03:00 PM UTC• Closes in 0 days

Federal opportunity from ITD0001 - Executive Office of Technology Services and Security • Executive Office of Technology Services and Security. Place of performance: MA. Response deadline: Apr 08, 2026. Industry: NAICS 80, 11, 18.

Department hub Agency hub State hub NAICS search Set-aside hub

Market snapshot

Baseline awarded-market signal across all contracting (sample of 400 recent awards; refreshed periodically).

Market trends →Awards →

12-month awarded value

$1,752,134,213

Sector total $1,752,134,213 • Share 100.0%

Live

Median

$85,800

P10–P90

$27,155–$802,160

Volatility

Volatile200%

Market composition

NAICS share of sector

A simple concentration signal, not a forecast.

100.0%

Momentum (last 3 vs prior 3 buckets)

+100%($1,752,134,213)

Deal sizing

$85,800 median

Use as a pricing centerline.

Live signal is computed from awarded notices already observed in the system.

NAICS 80 trends Sector 80 trends Department Agency MA state hub All trends

Signals shown are descriptive of observed awards; not a forecast.

Related hubs & trends

Navigate the lattice: hubs for browsing, trends for pricing signals.

State MA NAICS 80 search Sector 80 trends Set-aside Set-aside trends Department Department trends Agency Agency trends

We write these bids →

Open on official portal →

Live POP

Place of performance

1 No Address See Item Section for specific information Vendors need to check the Items section of the PO for ship to information Boston, MA 02108 US Email: seeitemsssection@xxx.com Phone: (617) 626-4400

State: MA

Contracting office

Not listed

Applicable Wage Determinations

SAM WDOL references matched to this opportunity's location and scope language.

WD Directory →

Best fit for this contractDavis-Bacon

MA20260010 (Rev 0)

Match signal: state matchOpen WD

Published Jan 02, 2026Massachusetts • Berkshire, Franklin, Hampden +1

Rate

BOILERMAKER

Base $50.62Fringe $28.82

Rate

BRICKLAYER BRICKLAYERS; CEMENT MASONS; PLASTERERS; STONE MASONS; MARBLE, TILE & TERRAZZO WORKERS

Base $50.81Fringe $32.27

+64 more occupation rates available in the full WD.

View more for this contract

3 more WD matches and 64 more rate previews.

↓

Davis-BaconBest fitstate match

MA20260010 (Rev 0)

Open WD

Published Jan 02, 2026Massachusetts • Berkshire, Franklin, Hampden +1

Rate

BOILERMAKER

Base $50.62Fringe $28.82

Rate

BRICKLAYER BRICKLAYERS; CEMENT MASONS; PLASTERERS; STONE MASONS; MARBLE, TILE & TERRAZZO WORKERS

Base $50.81Fringe $32.27

Rate

DIVER TENDER

Base $61.70Fringe $35.47

+63 more occupation rates in this WD

Davis-Baconstate match

MA20260004 (Rev 0)

Open WD

Published Jan 02, 2026Massachusetts • Barnstable, Berkshire, Bristol +8

Rate

Bricklayer, Plasterer, Stonemason

Base $62.40Fringe $34.40

Rate

Bricklayer, Plasterers, Stonemasons, Tile Layers

Base $50.81Fringe $32.27

Rate

BRICKLAYER

Base $62.40Fringe $34.40

+43 more occupation rates in this WD

Davis-Baconstate match

MA20260020 (Rev 0)

Open WD

Published Jan 02, 2026Massachusetts • Hampshire

Rate

POWER EQUIPMENT OPERATOR Group 1

Base $57.83Fringe $33.70

Rate

Group 2

Base $57.18Fringe $33.70

Rate

POWER EQUIPMENT OPERATOR Group 1

Base $42.88Fringe $31.04

+21 more occupation rates in this WD

Davis-Baconstate match

MA20260007 (Rev 0)

Open WD

Published Jan 02, 2026Massachusetts • Franklin

Rate

CARPENTER

Base $43.33Fringe $27.82

Rate

Power equipment operators: (1) Backhoe/Excavator/Trackhoe

Base $42.88Fringe $31.04

Rate

A (1) Loader

Base $42.88Fringe $31.04

+8 more occupation rates in this WD

Point of Contact

Not available

Agency & Office

Department

Executive Office of Technology Services and Security

Agency

ITD0001 - Executive Office of Technology Services and Security

Subagency

ITD0001 - Executive Office of Technology Services and Security

Office

Shawn Johnson

Contracting Office Address

Not available

Description

The purpose of this RFQ is to solicit bids for Vulnerability Management Program Support, Application Security Program Support, and Penetration Testing Services. See RFQ for complete detail. Respondents must be current awarded bidders under Statewide Contract ITS78. Non-ITS78 vendors may collaborate with ITS78 vendors provided that the ITS78 vendor submits the bid, and that the relationship and duties are clear.

Files

Files size/type shown when available.

BidPulsar Analysis

A practical, capture-style breakdown of fit, requirements, risks, and next steps.

Updated: Mar 19, 2026

Client-ready brief

Executive summary

medium confidencegpt 4o mini

The RFQ 26-04668 aims to procure Vulnerability Management Program Support and Penetration Testing Services for the Executive Office of Technology Services and Security. Respondents must be currently awarded bidders under Statewide Contract ITS78, ensuring compliance with established vendor requirements. This presents an opportunity for specialized firms in cybersecurity to partner with existing ITS78 vendors or respond directly if they are part of the contract.

Vulnerability ManagementPenetration TestingCybersecurity ServicesITS78 Compliance

What the buyer is trying to do

The buyer is seeking to enhance their cybersecurity posture by obtaining comprehensive vulnerability management and penetration testing services.

Who should pursue this

Vendors currently awarded under Statewide Contract ITS78
Cybersecurity firms with prior experience in vulnerability management

Work breakdown

Vulnerability Management Program Support
Application Security Program Support
Penetration Testing Services

Response package checklist

Current award confirmation under Statewide Contract ITS78
Proposal detailing capabilities in vulnerability management and penetration testing
Cooperative agreement outlines if collaborating with an ITS78 vendor

More BidPulsar strategy notesCompliance, pricing, teaming, risks, questions, and coverage notes

Compliance notes

Must be current awarded bidders under Statewide Contract ITS78
Collaborative bids require clear role definitions

Pricing strategy

Consider competitive pricing within the cybersecurity sector
Long-term engagement models may be advantageous

Teaming and subs

Identify potential ITS78 vendors for collaboration
Consider cybersecurity specialists focusing on specific service areas

Risks and watchouts

Potential delays in bid approval from collaborating vendors
Misalignment of roles in collaborative proposals

Smart questions to ask

What are the specific metrics for success in the vulnerability management program?
What is the expected volume and frequency of penetration testing services required?

Source coverage notes

Some notices publish limited source detail. Confirm these points before final bid/no-bid decisions.

Posted date of RFQ is unavailable
Specific details about the scope of vulnerability management services are not provided
Expected budget for the RFQ is missing
Criteria for evaluating vendor proposals are not detailed
No information on place of performance provided

Ask Us To Handle This Bid →Our Services →

FAQ

How do I use the Market Snapshot?

It summarizes awarded-contract behavior for the opportunity’s NAICS and sector, including a recent pricing band (P10–P90), momentum, and composition. Use it as context, not a guarantee.

Is the data live?

The signal updates as new awarded notices enter the system. Always validate the official award and solicitation details on SAM.gov.

What do P10 and P90 mean?

P10 is the 10th percentile award size and P90 is the 90th percentile. Together they describe the typical spread of award values.