About Us | Contact Us    

 


 

Binary Analysis & Exploits

 
  BA Service Overview
  BA for Security Vendors

  BA for Governments & CERTs

  BA for Corporations & MSSPs
  Receive More Information
 
   
 

Receive Datasheet  

 
   

 
 

Supplement your internal vulnerability research with VUPEN

During the last few years, a significant increase in attacks exploiting known (1-day) vulnerabilities in commonly used programs such as Adobe Flash or Microsoft Internet Explorer is being observed. This is currently the primary initial and most effective infection vector used by criminals to compromise computers that have Internet access.

Although there are many ways to protect against these attacks and threats, exploit-based signatures only detect specific or public exploits while the vulnerability-based signature guidance provided by VUPEN operates at a higher level and detect not only a specific exploit for a vulnerability, but potentially any actual and future exploit or variant that will attempt to take advantage of that vulnerability.

VUPEN Security provides
in-depth technical reports for the most significant public vulnerabilities based on disassembly, reverse engineering, protocol analysis, and code audit. The service allows security vendors to supplement their internal research efforts and quickly develop both vulnerability-based and exploit-based signatures to proactively protect their customers from attacks and emerging threats.

Only Available for Recognized Security Vendors

Because of the sensitive nature of the information provided through this service, VUPEN Security has defined strict eligibility criteria for participants. VUPEN Security solely reserves the right to determine whether an organization or corporation meets the criteria.

Eligible organizations are trusted security vendors providing defensive software or hardware (Antivirus, IPS, IDS).

VUPEN Binary Analysis & Exploits Service includes:

  In-Depth Binary Analysis of Vulnerabilities

In-depth technical analysis including description of the root cause of the
  vulnerability, assembly code, registers, code flow paths and branches
In-depth description of the affected protocols or involved file formats
Exploitation techniques, reliability, mitigations and limitations
Detection guidance (exploit-based and vulnerability-based detections)
Deep references (links to third party articles, specifications, formats)
     
  Exploits & Proof-of-concept Codes

VUPEN develops and provides exploit codes or PoCs which allow security vendors to:

Reduce costs related to internal research, vuln. analysis, or reverse engineering of patches 
Cut-time and quickly develop vuln-based and exploit-based signatures or detections 
Verify the effectiveness of existing signatures and detections 
Distinguish real threats from false positives 
Improve quality of their security solutions and increase competitive advantages
     
  Packet Captures

In addition to exploits and/or PoCs which allow subscribers to replicate potential attacks,
VUPEN also provides packet captures (pcap) of the involved exploit
to easily replay packets
     
  Technical Support

As a subscriber, you will also have a direct access to the VUPEN Vulnerability Research
Team, the most active security team in the world.


Why subscribe to this service?

With a large number of available VUPEN technical reports and private 1-day exploits/PoCs, the VUPEN Binary Analysis and Exploits service allows security vendors to quickly and easily develop exploit-based and vulnerability-based signatures for their security products, and proactively detect the most critical vulnerabilities before being exploited in the wild.

            

To verify your eligibility, receive prices or a formal quote,
contact Our Sales Department



 

Next Steps  

 


 

 

 

 

 

 

 

 

 

2004-2014 VUPEN Security - Copyright - Privacy Policy