Bug Bounty Program Services

SPRIND GmbH intends to award a framework agreement for the provision of a bug bounty program and vulnerability disclosure services supporting the security of the German EU Digital Identity (EUDI) Wallet ecosystem. The bug bounty platform provider will operate a public bug bounty program on its own plat-form, attract and manage a qualified community of security researchers, and deliver end to end services from submission intake and vulnerability triage to researcher management and bounty payout administration. The agreement is aimed at experienced providers with a proven track record in running large scale bug bounty programmes, especially for public sector bodies or operators of critical infrastructure. Further information on the scope of services can be found in the service description (Annex B of Part C framework agreement).