KT Rwanda Networks Ltd is the only 4G LTE infrastructure company in Rwanda, jointly invested by the Government of Rwanda and kt exclusively for wholesale provision of universal mobile broadband network in Rwanda using 4G LTE technology. The wholesale network service for mobile broadband will help to promote healthy competition for advanced retail services and solutions, and will benefit consumers, enterprises and the nation in transforming Rwanda into the ICT hub of East Africa.

Website:
http://www.ktrn.rw
REQUEST FOR PROPOSAL

Title: External audit Vulnerability Assessment and Penetration testing (VAPT)

Tender No: KTRN/ADMIN/S/2020/02/002

Date of issue: 5th February 2020

Date of bid submission: 14th February 2020

Time: 2:00PM

I. INTRODUCTION

KTRN is the only 4G LTE infrastructure company in Rwanda, jointly invested by the Government of Rwanda and Korea Telecom (KT) exclusively for the wholesale provision of the universal mobile broadband network in Rwanda using 4G LTE technology. The wholesale network service for mobile broadband will help to promote healthy competition for advanced retail services and solutions and will benefit consumers, enterprises and the nation in transforming Rwanda into the ICT hub of East Africa. The company also provides wholesale fixed services based on its national wide fibre infrastructure to licensed operators in Rwanda.

KTRN would like to conduct a security assessment to identify security vulnerabilities within its environment by evaluating the strength and/or weakness of its applications, network, and systems.

It�s in this regard KTRN is looking for a qualified company to conduct the security assessment submit their technical and financial proposal.

Objective

Conduct security assessment (Vulnerability assessment and penetration testing) on the following:

1. Total nodes (IP based) to be tested 500 (Including servers & workstations)

2. 20 Applications (Windows and web)

3. After conducting VAPT � Write a comprehensive remediation plan on identified issues

4. Help & Support KTRN team in fixing security-related identified loopholes

5. Penetration testing planning

6. Reconnaissance

7. Vulnerability Analysis

8. Exploitation

9. External attacks

10. Internal attacks

11. Post Exploitation

12. Reporting

Requirements to bid;

A) Administrative

i) The bidder will be required to submit a copy of trade license certificate (locals)

ii) The bidder will be required to submit copies of RRA and RSSB certificates (locals)

iii) 3 references of similar works done

iv) A team of qualified personnel to carry out the implementation

v) The bidder will be required to submit a copy of license from RURA

B) Technical

Detailed technical proposal

C) Financial proposal

Well prepared, properly bound bids (Administrative, Technical and Financial) should be sent to [email protected]. Not later than 14th February 2020 2020 at 2:00 pm. Late bids shall be rejected.

For any inquiry, you can write to [email protected]. and Cc: [email protected], at least 2 days before the bids submission deadline.

Done at Kigali, on 5th February 2020.

Mike BWATETE

Procurement Specialist