High Contrast
  • el
  • en
High Contrast
  • el
  • en
High Contrast
  • el
  • en

Penetration Test and Vulnerability Assessment

SEARCH - Find the Call that interests you
Print

All results

Content type
Programme Categories
Thematic category
Beneficiary
Programme category
Call status
Opened

Programme Category

EU Competitive Programmes

Programme Name

Funding under projects

Programme Description

Funding provided under previews programmes.

Programme Details

Identifier Code

CYSSDE

Call

Penetration Test and Vulnerability Assessment

Summary

The CYSSDE Open Call 2 for Penetration Testing and Vulnerability, funded by the European Commission, is an initiative aimed at strengthening European cybersecurity preparedness, enhancing capacity and capability building, and aligning with the objectives of the Digital Europe Programme.

CYSSDE aims to collaborate with up to 10 selected Penetration Testing organisations to execute a minimum of 100 Penetration Tests and Vulnerability Assessments for Essential Service Operators, SMEs, and other entities. The focus will be on critical infrastructure, with lessons learned adapted to support essential operators and SMEs.

Detailed Call Description

This open call provides financial support to third parties for penetration testing, vulnerability assessments, and improved risk monitoring under the DIGITAL-ECCC-2023-DEPLOY-CYBER-04-SUPPORT-ASSIST topic. The actions will interact closely with the European Member State National Cybersecurity Coordination Centres (NCC) and will be guided and supported by the European Cybersecurity Competence Center (ECCC).

Upon being selected and signing the Sub-Arant Agreement, beneficiaries will receive up to 18 months of tailored support across four key stages:

  • Stage 1: Execution Plan (month 1), the applicant will create an execution plan (or roadmap) based on their application. This plan will guide the implementation, outlining clear goals, KPIs, deliverables, and the necessary mentorship and resources.
  • Stage 2: Developing testing scenarios (months 2-6): Preparation, Design and Development for Testing of Penetration Testing Activities – During this stage, the Participants must carry out all preparational activities (planning, installing systems, testing) for Penetration Testing, Vulnerability Assessments and other supporting activities for the end user.
  • Stage 3: External Assessments with End-Users (months 7-15): Implementation of Penetration Tests including Vulnerability Assessments for End-Users. At this third stage, the penetration testing and vulnerability assessment for the end users must be done, at least 10 per beneficiary.
  • Stage 4: Outputs and Sustainability Services (months 16-18): Generating Output including Publications; providing Mitigation Services. Participants will be guided and supported in the awareness creation and/or publication of their results efforts, with assistance in connection to risk monitoring, announcements, and disclosure of the vulnerabilities to the operating organisation and the manufacturer or producer.

Call Total Budget

€2.000.000

Financing percentage by EU or other bodies / Level of Subsidy or Loan

The total maximum amount of funding per participating organisation however is €200.000.

This first open call will select up to 10 applications. Successful applicants will be receiving up to €200.000 in 50% co-funding and up to 18 months of tailored support, structured across four key stages. The beneficiaries will receive support and counselling from CYSSDE mentors during this support programme.

At least 50% co-funding is required, selected beneficiaries have to co-finance the activity by a minimum of 50% of the total costs of the activity. Applicants seeking to receive €200.000 therefore have to indicate that the total cost of the Pen Testing and Vulnerability Assessment activities will be €400.000 or more.

This action follows a lump-sum funding model.

Thematic Categories

  • Information Technology
  • New Entrepreneurship
  • Research, Technological Development and Innovation
  • Small-Medium Enterprises and Competitiveness

Eligibility for Participation

  • Large Enterprises
  • Legal Entities
  • Other Beneficiaries
  • Researchers/Research Centers/Institutions
  • Small and Medium Enterprises (SMEs)
  • State-owned Enterprises

Eligibility For Participation Notes

The eligible entities by CYSSDE open call should be individual entities or consortia of a maximum of 2 entities being SMEs (including micro-enterprises and start-ups), mid-caps or large companies, research centres and public bodies that are registered in the Member States of the European Union.

CYSSDE partners and their affiliate entities, employees or associates are NOT eligible to act as applicants.

NCCs that participate in OC1 are eligible to participate in OC2 and/or OC3.

Call Opening Date

07/01/2025

Call Closing Date

07/04/2025

EU Contact Point

If you have questions on the general Call process and proposal submission, you can contact by email the: helpdesk@cyssde.eu

Website