VUPEN is the leading provider of defensive and offensive cyber security
intelligence and advanced vulnerability research.
While other companies in the vulnerability intelligence industry mainly act as brokers who buy vulnerabilities from third-party researchers and then sell them to their customers, all VUPEN's vulnerability intelligence results exclusively from our internal and in-house research efforts conducted by our team of world-class researchers.
VUPEN's offensive IT intrusion solutions and government grade exploits enable government agencies and the Intelligence
community to achieve their
offensive cyber missions and critical network operations using VUPEN's industry-recognized
VUPEN's defensive security research enables governments
to measure and manage risks,
eliminate vulnerabilities before they can be exploited, and
protect critical or national infrastructures and assets against known
and unknown exploits and cyber threats.
VUPEN customers include worldwide governments
and major corporations.
Awards & Industry Recognition
March 2014, VUPEN has once again
won the 1st place at the Pwn2Own 2014
security competition by creating and showing zero-day
exploits for Google Chrome, Internet Explorer 11, Adobe
Reader XI, Adobe Flash, and Mozilla Firefox. The exploits
have fully bypassed all Windows 8.1 security protections and
exploit mitigation in place, and all sandboxes. VUPEN has
reported all the discovered zero-day vulnerabilities to the
affected vendors to allow them fix the flaws and protect
users from attacks.
March 2013, VUPEN has
won the 1st place at the Pwn2Own 2013
security competition by creating and showing the first
exploit for Internet Explorer 10 Classic (Desktop) and IE 10
Modern UI (Metro)
on Microsoft Surface Pro running a Wndows 8 operating
system. The exploit fully bypassed all Windows 8 security protections and exploit mitigation
technologies including HiASLR, DEP, AntiROP and Protected
Mode sandbox. VUPEN has also created and demonstrated
various exploits for the latest versions of Mozilla Firefox,
Adobe Flash Player, and Oracle Java.
March 2012, VUPEN has
won the 1st place at the Pwn2Own 2012
security competition by creating and showing extremely sophisticated zero-day
exploits which fully compromised up-to-date Google Chrome
and Microsoft Internet Explorer browsers, and
bypassed all security protections and exploit mitigation
technologies such as DEP, ASLR and sandboxes.
To demonstrate its in-depth knowledge of software
vulnerabilities and advanced exploit development
team has also written, on-site during the event and
in less than 24 hours,
6 distinct code execution exploits for previously patched
Internet Explorer, Firefox, and Safari vulnerabilities on
Windows and Mac OS X operating systems.
June 2011, VUPEN has been recognized as "Company of the
Year 2011 in the Vulnerability Research Market" by Frost &
"VUPEN has made great strides in the vulnerability
research market, proving that it is a top competitor against
competing labs. Frost & Sullivan firmly believes that
VUPEN's dedication and entrepreneurial drive to provide the
highest quality security intelligence to meet the needs of
the current security environment has proven VUPEN as a
reputable and innovative vulnerability research company."
says Frost & Sullivan research analyst Richard Martinez.
In March 2011, VUPEN has participated to and
Pwn2Own 2011 security
by discovering and exploiting a critical and previously unknown vulnerability in Apple
Mac OS X Snow Leopard.
During this event, VUPEN has
demonstrated its sophisticated and highly reliable exploits bypassing all
security protections and exploit mitigation technologies.
VUPEN Vulnerability Research Team (VRT) is the most active
security team in the world. Additionally to analyzing and
exploiting recently patched or publicly disclosed flaws, VUPEN
security engineers and researchers are also dedicated to
finding critical and
unpatched vulnerabilities in
prominent and widely deployed software created by Microsoft, Adobe, Oracle, Google, Mozilla, IBM, HP, etc.