26 Jun 2019

Cyber Threat Intelligence (CTI) and Feeds Services

Type of document: Contract Notice
Country: Belgium

2. Awarding Authority: European Organisation for the Safety of Air Navigation, BE Tel: +32 2 729 9676. Email: paraskevi.logotheti.ext@eurocontrol.int. (Mrs. Paraskevi Logotheti, Eurocontrol Procurement Services)
3. Contract type: Service contract
4. Description: We provide the following services: Provides proactive cyber-security services (e.g. penetration testing, vulnerability assessment, infrastructure/best practices reviews) first within Eurocontrol and on a voluntary basis progressively to Eurocontrol Stakeholders (ANSPs and Airport Operators); Collects, generates and distributes ATM relevant cyber intelligence within Eurocontrol and on a voluntary basis to Eurocontrol Stakeholders (ANSPs and Airport Operators); Coordinates pan-European ATM response to ATM relevant cyber-security alerts/incidents on a voluntary basis (including support to EACCC); Common Procurement of cyber services (intel, feeds, leaks, …) for the community (ANSPs, AOs), Support National CERTs to fulfil their role as per NIS Directive for ATM related Operators of Essential Services. These services are made possible through our collaboration with national and international ATM Stakeholders, ATM manufacturers, sectorial/national CERT’s and CSIRT’s, European Aviation Safety Agency (EASA) / European Center for Cyber Security in Aviation (ECCSA), among others. This CFT No. 19-110346-A aims at supporting the proactive services dealing with alerts, warnings. Eurocontrol is seeking for Contractors specialized in the provision of Cyber Threat Intelligence (CTI) and feeds (vulnerabilities; Indicators of Compromise (IoCs); Tactics, Techniques and Procedures (TTPs) in real-time through an alert system for their clients. Eurocontrol is seeking for Contractors continuously monitoring the Surface Web, Deep Web, Dark Web and Connected Storage in order to identify sensitive and potentially threatening information, connected to sources (whatever) identifying new vulnerabilities, IoCs, TTPs, threats and any other relevant related information. This non-intrusive service does not require modifications to the Eurocontrol or Stakeholders IT infrastructure and complements IT security services such as penetration testing, log analysis, security audits, intruder detection, etc.
5. CPV Code(s): 72000000, 72212730
6. NUTS code(s): Not provided.
7. Main site or location of works, main place of delivery or main place of performance: Not Provided.
8. Reference attributed by awarding authority: 19-110346-A
9. Estimated value of requirement: Not provided.
10. Closing Date: (Brussels, Belgium time) 22.7.2019 (15:00).
11. Address to which they must be sent: For further information and instructions in the above contract notice please visit website:
12. Other information: TKR-2019625-EX-1091401