|
Receive detailed analysis of the most important
security vulnerabilities
During the last few years, a
significant increase in attacks
exploiting vulnerabilities in commonly
used programs such as Microsoft
Internet Explorer or Adobe Acrobat and
Reader is being observed. This is
currently the primary initial
infection vector used to compromise
computers that have Internet access.
Although there are many ways to
protect against these attacks and
threats, governments need to leverage
the most detailed security
intelligence to evaluate risks, and
protect national infrastructures and
assets.
VUPEN Security provides in-depth binary analysis
of the most
significant public vulnerabilities
based on disassembly, reverse
engineering, protocol analysis, and
code audit. The service allows
government and federal agencies, and
CERTs/CSIRTs to supplement their
internal research efforts and keep
ahead of the latest threats.
Only Available for Governments and Trusted CERTs
Because of
the
sensitive
nature of
the
information
provided
through
this
service,
VUPEN
Security
has
defined
strict
eligibility
criteria
for
participants.
VUPEN
Security
solely
reserves
the right
to
determine
whether an
organization
or
corporation
meets the
criteria.
Eligible
organizations
are:
- Gov. and
Law
Enforcement
Agencies
in
Countries
Members or
Partners
of NATO,
ANZUS or
ASEAN
- Official
CERTs and
CSIRTs in
Countries
Members or
Partners
of NATO,
ANZUS or
ASEAN
VUPEN Binary Analysis & Exploits
Service includes:
 |
|
In-Depth Binary Analysis of
Vulnerabilities
In-depth technical analysis including
description of the root cause of the
vulnerability, assembly code, registers, code flow paths and branches
In-depth description of the affected
protocols or involved file formats
Exploitation techniques, reliability,
mitigations
and limitations
Detection
guidance (exploit-based and
vulnerability-based detections)
Deep references (links to third party
articles, specifications, formats) |
| |
|
|
 |
|
Exploits & Proof-of-concept Codes
VUPEN develops and provides exploit
codes or PoCs which allow gov.
organizations to:
Identify real and exploitable
vulnerabilities
within their infrastructures
and networks
Evaluate the effectiveness of existing
security policies, protections and
patches
Distinguish real threats from false
positives, and prioritize resources
Cut-time and quickly develop vuln-based
and exploit-based signatures or
detections
Improve security of their national
infrastructures, and vital systems |
| |
|
|
 |
|
Packet Captures
In addition to exploits and/or PoCs
which allow subscribers to replicate
potential attacks,
VUPEN also provides packet captures (pcap)
of the involved exploit to easily replay packets |
| |
|
|
 |
|
Technical Support
As a subscriber, you will also
have a direct access to the VUPEN
Vulnerability Research
Team, the most active security team in
the world. |
Why subscribe to this service?
With 20
to 25 binary analysis and private
exploits/PoCs released each month, the
VUPEN In-Depth Binary Analysis and
Exploits service allows gov
organizations to quickly and easily
evaluate risks related the most recent
vulnerabilities, and protect national
infrastructures against critical
vulnerabilities before they are exploited in the wild.
|
