Specifications include, but are not limited to: Network penetration testing services for a period of 36 months. Rather than one large test per year, the annual testing strategy will consist of four, smaller quarterly tests of different assets each quarter. These smaller, more concise assessments are less likely to produce an overwhelming non-compliance report that will be difficult to remediate within reasonable timeframes. The services for this specific RFP will be focused on vulnerability assessment and penetration testing of external and internal information assets. The results of the security services will assist Macomb Community College with determining weaknesses and exposures in existing defenses as well as assist with prioritized risk-based mitigation strategy.
