Internal and External Network Penetration Testing Services for Mixed IT Environments
ID: 251-26-167
• State: North Carolina
Opportunity Assistant
Loading
Description
Background
The Wake County Public School System (WCPSS) is the nation's 15th largest school district and the largest in North Carolina, serving over 160,000 students with more than 20,000 staff. The Technology Services Department is seeking qualified vendors to provide internal and external network penetration testing services to identify vulnerabilities within the district's enterprise networks. This initiative aims to enhance security in a mixed IT environment that includes various operating systems and devices.
Work Details
The contract requires comprehensive internal and external penetration testing services, including:
- Internal Penetration Testing covering up to 100 hosts across various systems such as Windows Server (20xx–2022), Windows 10/11 clients, Linux-based appliances, UNIX systems, Legacy SCADA systems, IoT devices, and both virtual and physical infrastructures. Focus areas include network enumeration, vulnerability identification, privilege escalation, segmentation validation, and detection of misconfigurations.
- External Penetration Testing focusing on public-facing IP addresses and services with assessments of firewalls, VPNs, DNS configurations, OWASP Top 10 vulnerabilities, and exploitable pathways to internal resources.
Deliverables include a technical report detailing vulnerabilities found, an executive summary for non-technical leadership, remediation recommendations prioritized by severity, a debrief presentation upon request, and an external findings summary.
Period of Performance
The contract will be for an initial duration of twelve months with the possibility of renewal for up to four additional one-year terms based on performance.
Place of Performance
Services will be performed at various locations within the Wake County Public School System in North Carolina.
Bidder Requirements
Vendors must be licensed to do business in North Carolina with at least five years of relevant experience. At least one staff member must hold a recognized cybersecurity certification (e.g., OSCP). Vendors are required to provide three client references from similar past engagements. Compliance with WCPSS background check policies is mandatory.
The Wake County Public School System (WCPSS) is the nation's 15th largest school district and the largest in North Carolina, serving over 160,000 students with more than 20,000 staff. The Technology Services Department is seeking qualified vendors to provide internal and external network penetration testing services to identify vulnerabilities within the district's enterprise networks. This initiative aims to enhance security in a mixed IT environment that includes various operating systems and devices.
Work Details
The contract requires comprehensive internal and external penetration testing services, including:
- Internal Penetration Testing covering up to 100 hosts across various systems such as Windows Server (20xx–2022), Windows 10/11 clients, Linux-based appliances, UNIX systems, Legacy SCADA systems, IoT devices, and both virtual and physical infrastructures. Focus areas include network enumeration, vulnerability identification, privilege escalation, segmentation validation, and detection of misconfigurations.
- External Penetration Testing focusing on public-facing IP addresses and services with assessments of firewalls, VPNs, DNS configurations, OWASP Top 10 vulnerabilities, and exploitable pathways to internal resources.
Deliverables include a technical report detailing vulnerabilities found, an executive summary for non-technical leadership, remediation recommendations prioritized by severity, a debrief presentation upon request, and an external findings summary.
Period of Performance
The contract will be for an initial duration of twelve months with the possibility of renewal for up to four additional one-year terms based on performance.
Place of Performance
Services will be performed at various locations within the Wake County Public School System in North Carolina.
Bidder Requirements
Vendors must be licensed to do business in North Carolina with at least five years of relevant experience. At least one staff member must hold a recognized cybersecurity certification (e.g., OSCP). Vendors are required to provide three client references from similar past engagements. Compliance with WCPSS background check policies is mandatory.
Overview
Opportunity ID
251-26-167
Response Deadline
Sept. 24, 2025
Past Due
Date Posted
Sept. 10, 2025
Source
Source Notes
North Carolina recently changed its procurement system. Old procurements are available at https://www.ips.state.nc.us/IPS/BidNumberSearch.aspx.
Est. Value Range
Experimental
$50,000 - $200,000
(AI estimate)
Agency Distribution
High
On 9/10/25 WAKE COUNTY BD OF EDUCATION in North Carolina issued Internal and External Network Penetration Testing Services for Mixed IT Environments with ID 251-26-167 due 9/24/25.
Contacts
Documents
Posted documents for Internal and External Network Penetration Testing Services for Mixed IT Environments
Opportunity Assistant
AI Analysis
AI Generate