Tenders Are Invited For Service Provider To Conduct Penetration Testing (Pentesting) To Assess The Resilienc ... in Lebanon
Tender Notice
TenderID
107311632
Tender Brief
Tenders Are Invited For Service Provider To Conduct Penetration Testing (Pentesting) To Assess The Resilience Of Its Infrastructure And Applications Against Cyber Threats
Tenders are invited for Service Provider to Conduct Penetration Testing (Pentesting) to Assess the Resilience of its Infrastructure and Applications against Cyber Threats. Given the sensitive nature of financial data and client information, Al Majmoua seeks to engage a qualified service provider to conduct penetration testing (Pentesting) to assess the resilience of its infrastructure and applications against cyber threats. Consultancy Objectives The main objective of this assignment is to perform a thorough external only penetration test to: - Identify vulnerabilities in Al Majmouas IT infrastructure, including cloud and on-prem systems. - Evaluate the resilience of the MajFin MIS and other web applications. - Assess the strength of network configurations, VPNs, and firewalls. - Provide prioritized recommendations for remediation. Scope of work The Pentesting will include, but not be limited to, the following areas: a. Network Penetration Testing - External network penetration test of Azure-hosted systems. - VPN security testing (SSL VPN). - Firewall configuration review b. Application Penetration Testing - Web applications (MajFin MIS, client portals, staff tools). - Authentication and authorization mechanisms. - API security testing - OWASP Top 10 vulnerability testing. c. Infrastructure Security - Azure environment configuration review (IAM, identity protection, MFA, conditional access). Deliverables The service provider will be responsible for the following deliverables: 1. Inception Report (detailing methodology, tools, and testing schedule). 2. Interim Updates (alerts for critical/high vulnerabilities found during testing). 3. Final Report including: - Executive Summary. - Detailed findings with severity ratings (Critical, High, Medium, Low). - Exploited vulnerabilities and proof of concept (screenshots, evidence). - Risk impact assessment. - Recommendations and remediation roadmap. 4. Presentation to Management to summarize findings and answer questions Confidentiality : All findings and data must remain confidential. A Non-Disclosure Agreement (NDA) will be signed before the engagement. Duration of the Assignment The assignment is expected to last 24 weeks from contract signing. The assignment is expected to start mid-February 2026 and end in April 2026. Qualifications and Experience - Proven experience in penetration testing for financial institutions. - Certified professionals (OSCP, CEH, GPEN, CISSP, etc.). - Experience with Microsoft Azure security testing. - Familiarity with hybrid environments (cloud + on-prem). Tender Link : https://www.daleel-madani.org/calls-for-proposal
Dear Sir,
Warm Greetings from TenderDetail.com !!
We have received Tender Document request for the TDR No : 107311632
Tender Notice along with it's Attachments ( Tender Document / Scan Image of News Paper)
sent to your Email Address :.
Please check your email for Tender Document.
