PBGC awards $2.38M contract for Qualys Web Application Scanning to Aurora Systems Consulting Inc
Contract Overview
Contract Amount: $238,384 ($238.4K)
Contractor: Aurora Systems Consulting Inc
Awarding Agency: Pension Benefit Guaranty Corporation
Start Date: 2022-07-21
End Date: 2026-07-31
Contract Duration: 1,471 days
Daily Burn Rate: $162/day
Competition Type: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES
Number of Offers Received: 4
Pricing Type: FIRM FIXED PRICE
Sector: Other
Official Description: QUALYS WEB APPLICATION SCANNING
Place of Performance
Location: WASHINGTON, DISTRICT OF COLUMBIA County, DISTRICT OF COLUMBIA, 20024
Plain-Language Summary
Pension Benefit Guaranty Corporation obligated $238,383.7 to AURORA SYSTEMS CONSULTING INC for work described as: QUALYS WEB APPLICATION SCANNING Key points: 1. Contract provides essential web application security scanning services. 2. Aurora Systems Consulting Inc. is the sole awardee. 3. The contract duration is over 4 years, indicating a long-term need. 4. The fixed-price contract type aims to control costs. 5. The service falls under 'Other Computer Related Services' NAICS code. 6. The award was made under full and open competition after exclusion of sources.
Value Assessment
Rating: good
The contract value of $2.38 million over approximately 4 years for web application scanning services appears reasonable. Benchmarking against similar cybersecurity contracts is challenging without more specific service details and market data. However, the fixed-price nature of the contract suggests a degree of cost certainty for the Pension Benefit Guaranty Corporation (PBGC). The award to a single vendor implies a focused approach to acquiring this specific capability.
Cost Per Unit: N/A
Competition Analysis
Competition Level: full-and-open
This contract was awarded under 'FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES'. While the specific reasons for excluding sources are not detailed here, the 'full and open' designation suggests that a broad solicitation was issued, and multiple offers were likely considered. The presence of 4 bidders indicates a competitive process, which generally leads to better price discovery and value for the government.
Taxpayer Impact: The competitive nature of this award, despite the exclusion of some sources, is beneficial for taxpayers as it likely resulted in a more favorable price than a sole-source procurement.
Public Impact
The Pension Benefit Guaranty Corporation (PBGC) benefits from enhanced cybersecurity posture. Services delivered include regular scanning and assessment of web applications for vulnerabilities. The geographic impact is primarily within the District of Columbia, where PBGC is headquartered. The contract supports IT security professionals and analysts within the agency.
Waste & Efficiency Indicators
Waste Risk Score: 50 / 10
Warning Flags
- Limited public information on the specific performance metrics and success criteria for the scanning services.
- The exclusion of sources, even within a full and open competition framework, warrants further understanding of the rationale.
Positive Signals
- The use of a fixed-price contract type helps to manage budget predictability.
- The contract duration of over 4 years suggests a stable and ongoing requirement for these critical security services.
- The award was made following a competitive process with multiple bidders.
Sector Analysis
The cybersecurity market, particularly for application security and vulnerability management, is a rapidly growing sector. Companies like Qualys provide essential tools and services that organizations across all industries rely on to protect their digital assets. Federal agencies are increasingly investing in these solutions to combat sophisticated cyber threats. This contract fits within the broader IT services and cybersecurity sector, where spending is robust and driven by evolving threat landscapes and regulatory requirements.
Small Business Impact
There is no indication that this contract included a small business set-aside. The award was made to Aurora Systems Consulting Inc. Further analysis would be needed to determine if subcontracting opportunities exist for small businesses within this contract's scope.
Oversight & Accountability
Oversight for this contract would typically be managed by the Pension Benefit Guaranty Corporation's contracting officers and program managers. Accountability measures are inherent in the fixed-price contract structure, requiring delivery of specified services. Transparency is facilitated by the federal procurement data system, which publishes contract awards. Inspector General jurisdiction would apply if any fraud, waste, or abuse were suspected.
Related Government Programs
- Federal Cybersecurity Strategy
- IT Services Procurement
- Vulnerability Management Programs
- Web Application Security
Risk Flags
- Potential for vendor lock-in if specific Qualys expertise is required.
- Risk of evolving threats outpacing scanning capabilities.
- Dependence on contractor performance for timely vulnerability identification.
Tags
cybersecurity, it-services, pbgc, pension-benefit-guaranty-corporation, district-of-columbia, full-and-open-competition, fixed-price, web-application-scanning, vulnerability-management, aurora-systems-consulting-inc, qualys
Frequently Asked Questions
What is this federal contract paying for?
Pension Benefit Guaranty Corporation awarded $238,383.7 to AURORA SYSTEMS CONSULTING INC. QUALYS WEB APPLICATION SCANNING
Who is the contractor on this award?
The obligated recipient is AURORA SYSTEMS CONSULTING INC.
Which agency awarded this contract?
Awarding agency: Pension Benefit Guaranty Corporation (Pension Benefit Guaranty Corporation).
What is the total obligated amount?
The obligated amount is $238,383.7.
What is the period of performance?
Start: 2022-07-21. End: 2026-07-31.
What is the track record of Aurora Systems Consulting Inc. in performing similar web application scanning services for federal agencies?
Aurora Systems Consulting Inc. has been awarded this contract by the Pension Benefit Guaranty Corporation (PBGC) for Qualys Web Application Scanning. While this specific award indicates their capability in this area, a comprehensive assessment of their track record would involve reviewing past performance on similar contracts, including client satisfaction, adherence to schedules, and technical execution. Information on their past performance with other federal agencies, if available through sources like the Federal Procurement Data System (FPDS) or agency-specific past performance databases, would provide further insight into their reliability and expertise in delivering cybersecurity services.
How does the awarded price compare to market rates for similar web application scanning services?
Benchmarking the exact price of $2.38 million for Qualys Web Application Scanning against market rates is challenging without detailed service level agreements and specific scanning frequencies. However, the contract's fixed-price nature suggests that the PBGC has negotiated a set cost for the defined scope of work. Industry reports and pricing from cybersecurity service providers can offer general comparisons. Given the duration of over four years, the annual cost needs to be considered. A thorough value assessment would involve comparing this contract's unit costs (e.g., per scan, per application) against publicly available pricing or quotes from other vendors for comparable services, adjusted for scale and complexity.
What are the primary risks associated with this contract, and how are they being mitigated?
Key risks for this contract include potential underperformance by the contractor in identifying critical vulnerabilities, delays in scanning or reporting, and the evolving nature of cyber threats outpacing the scanning capabilities. Mitigation strategies likely involve clearly defined performance standards in the contract, regular progress reviews between PBGC and Aurora Systems Consulting Inc., and potentially incorporating clauses for adapting to new threat intelligence. The fixed-price structure also incentivizes the contractor to perform efficiently. The PBGC's oversight and the competitive nature of the award (with 4 bidders) also serve as risk mitigation factors, ensuring a baseline level of quality and value.
How effective is the Qualys Web Application Scanning solution in addressing the PBGC's specific cybersecurity needs?
The effectiveness of the Qualys Web Application Scanning solution is contingent on its proper implementation and utilization by both the vendor and the PBGC. Qualys is a recognized leader in vulnerability management, and its platform is designed to identify common web application flaws (like SQL injection, cross-site scripting). For the PBGC, the effectiveness will depend on how well the tool integrates with their existing security infrastructure, the frequency and depth of scans performed, and how promptly identified vulnerabilities are remediated. The contract's success metrics, if defined, would provide a clearer picture of its effectiveness in meeting the agency's specific cybersecurity objectives.
What are the historical spending patterns of the PBGC on cybersecurity services, and how does this contract fit within them?
Analyzing historical spending patterns for the PBGC on cybersecurity services would require access to their budget and procurement data over several fiscal years. This $2.38 million contract for web application scanning represents a specific investment in a critical area of cybersecurity. Without historical data, it's difficult to definitively state how it fits. However, given the increasing threat landscape, it's plausible that PBGC's spending on such services is either stable, increasing, or represents a strategic shift towards more proactive vulnerability management. This contract likely forms part of a broader cybersecurity strategy aimed at protecting sensitive pension data.
Industry Classification
NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Other Computer Related Services
Product/Service Code: SUPPORT SVCS (PROF, ADMIN, MGMT) › MANAGEMENT SUPPORT SERVICES
Competition & Pricing
Extent Competed: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES
Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY
Solicitation ID: 16PBGC22Q0036
Offers Received: 4
Pricing Type: FIRM FIXED PRICE (J)
Evaluated Preference: NONE
Contractor Details
Address: 2510 W 237TH ST STE 202, TORRANCE, CA, 90505
Business Categories: Category Business, Corporate Entity Not Tax Exempt, DoT Certified Disadvantaged Business Enterprise, Minority Owned Business, Self-Certified Small Disadvantaged Business, Small Business, Special Designations, Indian (Subcontinent) American Owned Business, U.S.-Owned Business
Financial Breakdown
Contract Ceiling: $316,577
Exercised Options: $238,384
Current Obligation: $238,384
Actual Outlays: $157,766
Contract Characteristics
Commercial Item: COMMERCIAL PRODUCTS/SERVICES
Parent Contract
Parent Award PIID: NNG15SD79B
IDV Type: GWAC
Timeline
Start Date: 2022-07-21
Current End Date: 2026-07-31
Potential End Date: 2027-07-31 00:00:00
Last Modified: 2026-04-13
More Contracts from Aurora Systems Consulting Inc
- Microsoft Premier Support — $3.5M (Department of the Treasury)
- Support Renewal — $259.5K (Department of Justice)
- THE Purchase of 10ZIG Technology, Part Numbers 7172Q-8840 and V1200-Sfpfm-Taa — $29.0K (Department of Energy)
Other Pension Benefit Guaranty Corporation Contracts
- Field Office Support Services — $141.0M (Serco Inc)
- O&M and DM&E Work — $130.5M (Science Applications International Corporation)
- Portfolio Management Services — $117.6M (Pgim, Inc.)
- Portfolio Management Services — $112.4M (Pacific Investment Management Company LLC)
- This to IS to Improve Customer Service Scores Reported by a 3rd-Party Vendor WHO Completes a Quarterly Participant Caller Survey. PSD Seeks to Improve CX by Reducing the Number of Contacts & Paper Forms Customers Complete to Fulfill Requests — $95.8M (Serco Inc)