Security Threat Assessment
Tender ID: 600337
Tender Details
Tender Description
We are seeking an experienced company to perform a fit-for-purpose, evidence-based Security Threat Assessment for eSafety and produce detailed findings outlining the threats identified and recommendations to mitigate risks against people, processes and technology.
The process should include the approach below.
External Assessment
- System & asset discovery
- Active scan for known vulnerabilities
- Passive analysis of security issues
- Map of externally discovered ports and services
- Identification of attack surface & rogue infrastructure
- Passive analysis of security controls for misconfigurations
- Hosting infrastructure vulnerabilities
- Mail path analysis and anti-impersonation controls
- Identification of single-factor authentication
- Identification of remote access vectors
Online Research
- Compromised credentials sold online
- Malware archive evidence of C2 hosting or callbacks
- Identification of relevant threat actor and issue motivated groups
- Open and closed forum posts/mentions
- Open and closed secure messaging posts/mentions
- Social media accounts associated with eSafety
- Evidence of staff impersonation on social media
- Sentiment analysis in closed forums and hacker groups
- Sentiment analysis of intelligence provided by eSafety
- Identification and evaluation of threats to eSafety Commissioners
- Research the online presence of the eSafety Commissioner including analysis of their digital footprint that could increase their exposure to security risks
Consultation with key eSafety and ACMA stakeholders
Estimated start date: Monday, 15 December 2025
Initial contract duration: 3 months
Extension term: Not applicable
Location of work: ACT, VIC, NSW
Working arrangements: Hybrid